Job description

Some careers shine brighter than others.
If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. 
We are currently seeking an experienced professional to join our team in the role of Cyber Threat Prevention Senior Analyst.

In this role, you will:

  • The Cyber Threat Prevention Senior Analyst is responsible for driving forward opportunities to take our current control stack to the next level. 
  • Working with other key teams, develop a threat-led approach to maximise the value and protection from our existing toolsets, identifying opportunities and driving forward their delivery to bring increased benefits and protection to the environment. 
  • Through improved and tighter rulesets, and enhanced use of data feeds, deliver a ‘shift left’ in the protection achieved
  • Identifying and actioning opportunities to ‘shift left’ with our current technical control stack through the implementation of improved policy configuration, tighter prevention rules or other configurations that improve our preventative/protective posture to cyber-threat.  
  • Building relationships with many technology and platform owners.  Navigating and managing complex relationships especially where teams don’t have the time, money, or resource to help. 
  • Become an SME in many tools, technologies, and platforms to be able to drive the necessary change quickly, effectively and safely. 
  • Develop and implement tracking and reporting metrics to support accurate measurements of the time and effort involved and expended during CTP work.  
  • These metrics should also cover KPIs linked to the service catalogue item ‘CTP’ and be a good barometer of service health, e.g. CTP request backlog health, average time taken to complete a CTP change, hours expended across different teams to complete a CTP task. 

Requirements

To be successful in this role, you should meet the following requirements:

  • Technical expertise in analysing data, understanding the threats and issues, and being able to see the big picture to drive value from existing tooling. 
  • Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools, use of “Big Data” and Cloud-based solutions for the collection and real-time analysis of security information.  
  • Detailed knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, Splunk etc. 
  • Excellent knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc. 
  • Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suites. 
  • Good knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques, and procedures to inform adjustments to the control plane. 
  • Good knowledge and demonstrated experience in incident response tools, techniques and processes for effective threat containment, mitigation, and remediation.    
  • Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards. 
  • Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems. 
  • Functional knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure, and Google. 
  • Basic knowledge and demonstrated experience in common cybersecurity incident response and forensic investigation tools such as: EnCase, FTK, Sleuth kit, Kali Linux, IDA Pro, etc.   
  • Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:  
  • 5+ years of experience in a senior cyber security role or similar. 
  • Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector. 
  • Industry recognised cyber security related certifications including CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP. 
  • Formal education and advanced degree in Information Security, Cyber-security, Computer Science, or similar and/or commensurate demonstrated work experience in the same. 

You’ll achieve more when you join HSBC.
www.hsbc.com/careers 
 
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
 
Issued by – HSBC Software Development India