The Risk and Control Manager is responsible for assisting with the effective governance and management of non-financial risks in the First Line of Defence.

This job provides specialist Risk and Control advice and/or support, challenges and insights, promoting Risk and Control monitoring and decision-making.

We are currently seeking an experienced professional to join our team.

In this role, you will:

Ÿ This role assists with the implementation of the Risk and Control strategy as set out by the Head of Business Control or team leader. This role will ensure the consistent and effective implementation and performance of operational Risk and Control assurance across HSBC Life Insurance (“INSH”).

Ÿ This role will be mainly tasked to carry out / implement RCA (Risk and Control Assessment), thematic control checking or control monitoring or testing, internal/external event review, management issue review, 1st line governance forum (e.g. FLOD) supporting, 1st line Risk and Control MI, 1st line TPRM (Third Party Risk Management), 1st line BCM (business continuity management), CITRO/BIRO, and other 1st line risk and control responsibilities assigned by team leader.

Ÿ This role will engage with all 1st Line teams, 2nd line of defense and 3rd line of Defense at the direction of the Head of Business Control and Strategy or team leader.

Ÿ Maintain Risk and Control owned policies and procedures that ensure that China Insurance operational risk is managed in a commercially sensitive and practical manner.

Ÿ Support 1st line governance platform (e.g. FLOD) meeting.

Ÿ Coordinate to carry out the Risk and Control Assessment (RCA) exercise according to plan set, or triggered by key events or issues.

Ÿ Lead to perform the risk and control review including thematic risk review, back testing, internal /external event review, MSII review to identify potential issue and suggest mitigations for control weakness.

Ÿ Assist to provide guide and oversight the implementation of Non-Financial Risk Framework, including, control testing (including control monitoring, local testing and etc); internal event escalation and reporting; issue and action tracking; high risk action validation and etc.

Ÿ Support line of business in review cyber and information technology risk related assessments and analyses (such as third party cyber risk review; system or service business impact analysis; cyber incident case review; cyber and information technology exception case review and etc.)

Ÿ Assist to maintain company level BCM framework.

Ÿ Assist in preparation and reporting Management Information (e.g. RCA status, control monitoring results and etc.) to local and global committees and forums.

Ÿ Other ad-hoc tasks assigned by team leader.