Head of IAM Engineering – Identity and Access Management (IAM)
 

Big Bank Funding. FinTech Thinking.

Our technology teams in the UK work closely with HSBC’s global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. We also run and manage our IT infrastructure, data centres and core banking systems that power the world’s leading international bank.

Our multi-disciplined teams include: DevOps engineers, IT architects, front and back end developers, infrastructure specialists, cyber experts, as well as project and programme managers.

We work in small, agile DevOps teams with colleagues around the world from our offices at the in Southwark, our global headquarters in Canary Wharf, and multiple other locations around the UK including Sheffield, Leeds, Barnsley and Birmingham.

Role Purpose
HSBC is organized by a number of lines of business and global functions. 
Identity and Access Management (IAM), in the first line of defence, serves as the focal point  in Cybersecurity for access related activities ensuring that HSBC’s electronic based assets are monitored, managed, accessed and protected effectively so that only those people with a legitimate business need can access or modify them, when they need to do so.

Reporting to the Global Head of IAM, the Head of IAM Engineering role covers all aspects of engineering activity within IAM.  Working within IAM, the role holder will ensure that the controls implemented must also be monitored for completeness, performance & efficiency.
 

Responsible for the running of IAM Engineering across all countries in which HSBC operates. IAM Engineering manages and supports the infrastructure software that delivers the staff-facing Identity and Access Management (IAM) controls for the organization. These controls enable, monitor and recertify staff access to workstations, servers and applications, including standard and privileged access. The technology ensures staff have the correct access, and only the correct access, required to perform their duties.

Role ensures the service is world class from an SLA, commercial and regulatory perspective attracting Identity and Access Management engineering professionals to the domain and building on our existing talent. Responsible for the strategy of all IAM Engineering products and the operating model to meet the IAM control demand of all the businesses the department services across all GBGFs.

The job holder will build and develop a global IAM Engineering team to deliver access management including authentication, authorization, monitoring and privileges across all the Bank’s system boundaries with the goal of increasing security and productivity while decreasing cost, downtime and repetitive tasks. Driving the ethos and practice that only the business will truly be able to determine the appropriateness of an individual being granted access to their data and therefore a focus will be placed on enabling the business to review and approve access to their data. The job holder will also ensure that all access where possible, must be granted without IT intervention and be centred on a single identity system.
 

Monitor KRIs & KPIs

The job holder will be expected to propose, gain acceptance and implement the team and processes associated with building a best in class IAM Engineering function.  The job holder will also be responsible for introducing controls and management information to be able to demonstrate that IT is adhering to Cybersecurity policies and process. 

Role Context
Budget.  Directs the prioritisation of spend, ensuring value for money, balancing cost vs benefit
Internal and external relationships.  Global responsibility for a significant part of one of IAM functions. 
People.  Functional responsibility for people, expense, strategy and operation.
Regulatory.  Develops procedures and policy in the context of IT frameworks.  Collaborate with Regional peers to ensure compliance and adherence to regulations and policy
Strategic Input.  As strategies evolve for IT and Cybersecurity and for the Sub-Function, ensure they remain congruent with each other and the Bank’s strategy.  Manage challenges where 3rd parties’ (internal and external) goals and strategies are not entirely aligned, seizing the opportunities these differences present.
 

What you will be doing;

Role Context
Budget.  Directs the prioritisation of spend, ensuring value for money, balancing cost vs benefit
Internal and external relationships.  Global responsibility for a significant part of one of IAM functions. 
People.  Functional responsibility for people, expense, strategy and operation.
Regulatory.  Develops procedures and policy in the context of IT frameworks.  Collaborate with Regional peers to ensure compliance and adherence to regulations and policy
Strategic Input.  As strategies evolve for IT and Cybersecurity and for the Sub-Function, ensure they remain congruent with each other and the Bank’s strategy.  Manage challenges where 3rd parties’ (internal and external) goals and strategies are not entirely aligned, seizing the opportunities these differences present.
 

Role Dimensions

• Managing a global team sourced from the main regions and technology centres
• Responsible for more than 50 IT Services many of which are global implementations supporting the whole of the organization and a mix of tier 0, 1 and 2
• Providing 24x7 and follow-the sun support for the critical systems
• Developing the IAM technology strategy jointly with Cybersecurity Architecture
• Turning the strategy into reality through adequate planning and focus
• Ensuring clear line-of-sight for the Bank’s IAM Controls between requirements
• Effectively engaging with all GBGFs through an efficient and transparent engagement model
• Providing training, career progression and succession planning across all the key roles in the platform
• Understanding best practices and technology developments as they pertain to IAM engineering technology
• Working with relevant vendors on roadmaps and new product features
• Managing the RTB and CTB delivery priorities in an effective and cost controlled manner

Key Accountabilities
 

Impact on Business
 

• Keep building on the talent in the department and create a culture that attracts, retains and nurtures talent
• Establish a clear strategic direction for the services the department operates including business and stakeholder requirements and that aligns to the overall vision and business strategy whilst maintaining P&L targets.
• Clearly communicate objectives and supporting plans to infrastructure teams and our businesses. 
• Manage all service and SLAs offered to the business, ensure these are declared in a clear and concise service catalogue, measured and reported.
• Manage all service risk and security requirements, escalating where there are gaps and delivering tactical and strategic remediation plans.
• Provide steerage for incident escalation, directing resource and escalation as required.
• Build best practice for software development and continual improvement processes
• Deliver process improvement and automation through constant review both internally and best practice in the market.
• Represent the service to the business risk and compliance contacts.
• Work with external partners who provide maintenance service to the department for all products, establishing and maintaining effective governance to ensure contractual commitments are met.
• Work with internal functions to ensure the procurement of product that serves the business is at industry leading price point with effective contracts.
• Work with internal finance function to manage profit & loss, headcount, capital expenditures and operating expenditures for the domain. Identify opportunities to reduce direct expense on a sustainable basis.
• Work with the practice leads in collaboration to ensure the practice definition and associated standards meet real world demands.
• Work with Cloud domain and help to build effective technologies to deliver on cloud first strategy.
• Be accountable to the regulators for data platform services and ensure cybersecurity protection is delivered and maintained.
• Ensure the technology deployed is being used appropriately and effectively and delivering effective management information to the business lines to show utilisation and cost save opportunities.
• Work with the business lines to demonstrate how to optimise database usage in a cost effective manner.
• Maintain a book of work for engineering that delivers customer needs on time and to budget.
• Provide thought leadership on IAM Technology strategy and engineering
• Maintain the evergreening of the estate including patching within corporate guidelines.
• Engage with SOx IT Controls, Internal Audit and PWC to ensure compliance of the IAM controls to agreed policy

Strengthening stakeholder relationships:

• Work in partnership with the Practice leads and practice heads to ensure all standards meet the needs of the department and initiate change to adopt them where required.
• Work with GB/GF Heads of IT to represent the department, its values and technologies. Ensure their services, cost optimisation opportunities, and business needs are met.
• Build strong relationships with procurement, legal and cost management to ensure the procurement of service meets the needs of HSBC and the domain customers
• Delivery of value for the organisation and compliance across the full set of IAM controls
• Work with other department heads on cross functional initiatives that deliver value to the end consumer, be open and transparent and work as a team.
• Build strong relationships with architecture on any strategic initiatives and deliver a strong strategy for the department that works with the other areas of infrastructure, and takes into consideration smaller region needs.
• Enhance key relationships, using rapport-building expertise and appropriate influencing to add value beyond the initial scope, increasing stakeholder advocacy. Maintain key relationships to include external account managers for third party suppliers and vendors, along with other counterparts across the globe and supporting functions
• Accountable for managing key supplier relationships related to the department.

Leadership & Teamwork

• • Manage department relevant sub-set of jobs within global job catalogue.
  • Continual improvement of key process and controls to deliver simpler, better and faster.
  • Bring together all functions in department creating a team ethic and ethos meeting and/or exceeding the core behaviour expectations of HSBC.
  • Manage a central and globally deployed team of experts to support all businesses.
  • Define learning & development plans for all talent building a strong talent base of resources; provide support on defining the standards of pay and reward.
  • Responsible for defining domain wide OKRs.
  • Building a robust executable technology and people strategy for the department by collaborating across customers, architecture, risk, Practice heads, Cybersecurity and other technology leaders.
  • Build a strong team ethos and collaboration across the GB/GF Practice teams.
  • Ensure a build once deploy many ethos from engineering maintaining strong measureable standards that meet the needs of customers, Cybersecurity and other technology leaders.

Qualifications

What you will bring to the role; 

• Typically educated to degree level or experience operating in a similar role
• Experience in a managerial role within an IT/Cybersecurity or related field, including experience of managing a global function with a geographically dispersed team
• Ability to build strong relationships and communicate with a wide spectrum of stakeholders
• Excellent knowledge of the project lifecycle
• Understanding of business finance and experience of effective managements of budgets and expenditure
• Comprehensive understanding of positioning Bank approach and policy in context of wider industry trends and direction
   

This role can be based in London or another UK based location but some travel may be required.

Come Power a Business that Defines How to Power the World

As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of ethnicity, religion, age, physical or mental disability/long term health condition, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by local law in the jurisdictions in which we operate. 

Within the work place you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions.  

HSBC has in place processes in order to avoid nepotism, which means to avoid creating circumstances in which the appearance or possibility of conflicts of interest may exist within the hiring process.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Job Field

 : Technology

Primary Location

 : Europe-United Kingdom-Greater London-London

Schedule

 : Full-time 

 : 

Job Posting

 : 28-Sep-2021, 18:09:42 

Unposting Date

 : 06-Dec-2021, 04:29:00