Job description
Some careers have more impact than others.
If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.
We are currently seeking an experienced professional to join our team in the role of Lead IT Security Analyst
Business: Cybersecurity
Principal responsibilities
• Perform effective threat and control assessments of services within our internal, external and cloud estate.
• Liaise with Developers, Architects and other Technical Leads to understand the end to end service and identify where there are any control gaps.
• Understand the Business requirements, evaluate potential products / solutions and provide technical recommendations.
• Be "hands on" with technology and contribute to the design, development and the support of projects with security recommendations.
• Identify threats across the IT estate; including applications, databases, network and other infrastructure components.
• Engage with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues.
• Stay up to date with industry new trends and best practices.
Requirements
Knowledge & Experience / Qualifications
To be successful in this role you should have proven experience within the Technology sector with knowledge of the following skills:
Mindset
• An inquisitive approach, always asking how to achieve goals in a smarter and more effective way
• Positive and professional attitude, team player, flexible and adaptable, embraces change
Good Risk and Controls understanding
• Knowledge and exposure of Risk and Control Management
• Ability to understand and assess both threats, controls and vulnerabilities, articulating these to both technical and business stakeholders
• Desirable to have one or more industry-recognised cybersecurity-related certifications such as CISSP or Cloud Security Certifications
Strong Technical background
• Proven experience in general security concepts and principles
• Hands on experience with threat modelling and strong technical understanding and experience of assessing vulnerabilities and identifying weaknesses in diverse enterprise IT assets
• Strong understanding of applications design and architecture
• Knowledge and experience with network, host and application security practices
• Knowledge and understanding of one or more of the Cloud Service Providers – AWS, GCP or Azure
• Understanding of Software Development Life Cycle (SDLC) with a focus on security
• Experience in continuous improvement and process optimisation.
• Understanding of emerging technologies and corresponding security threats
Strong stakeholder management and communications skills
• Experience of working in international and diverse environments
• Experience in engaging with business, technology, regional and regulatory stakeholders
• Ability to communicate to key stakeholders – effectively translating technical gaps into business risk
Ability to complete tasks independently to a high quality standard
• Self-motivated individual with strong analytical and problem solving skills
• Experience within fast-moving, complex and demanding corporate environments and able to provide appropriate direction to the team whilst dealing with ambiguity and change
Interpersonal Skills
• Influential, credible and persuasive, active listener, embraces HSBC Values, shows good judgement and demonstrates high level of communication skills in order to achieve effective stakeholder management
Some travel may be required.
About HSBC Technology China
We develop, implement and support software and IT services and processes that allow HSBC to remain at the forefront of high-quality banking systems.
You’ll achieve more when you join HSBC.
HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.”
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
***Issued By HSBC Software Development (GuangDong) Limited***