Job Advert Details

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

This job role is directly responsible for handling the day-to-day operations of the HSBC Bug Bounty Program. As part of this role, you will act as the escalation point of contact for any incoming security vulnerabilities received through the Bug Bounty Program and are expected to be an experienced pentester.

What you’ll do
    • Analyze, assess and respond to the security vulnerabilities received as part of Bug Bounty Program.
    • Research and reproduce the security vulnerabilities
    • Perform the root cause analysis of the security vulnerabilities.
    • Effectively communicate with the external security researchers
    • Work closely with the appropriate stakeholders across departments to help them understand the risks, and the track remediation.
    • Drive improvements including tooling, automation, and setting up processes
    • Help drive the maturity of Bug Bounty Program by continuously improving quality of our services and removing inefficiencies, in line with wider Cybersecurity strategy.
    • Advise on vulnerability remediation, control implementation and secure development practices

What you need to have to succeed in this role
    • At least 4 years of prior demonstrable hands-on experience in penetration testing.
    • Solid understanding of the platform security models for iOS and Android platforms.
    • Excellent understanding of platform-specific security risks, common vulnerabilities for mobile applications, common risks in financial applications.
    • Practical knowledge of penetration testing of widely understood infrastructure, web and mobile technologies, using manual and automated testing methods.
    • Excellent TCP/IP knowledge and understanding of security implications/issues.
    • Strong web application testing experience.
    • Proven programming/scripting skills.
    • Strong understanding of applied use of cryptography in application development.

What we offer
    • Competitive salary
    • Annual performance-based bonus
    • Additional bonuses for recognition awards
    • Multisport card
    • Private medical care
    • Life insurance
    • One-time reimbursement of home office set-up (up to 800 PLN).
    • Corporate parties & events
    • CSR initiatives
    • Nursery discounts
    • Financial support with trainings and education
    • Social fund
    • Flexible working hours
    • Free parking

The pay range for this role is 16,566 PLN - 24,841 PLN (monthly, gross).

Variable pay is discretionary, but influenced by Group performance, business/function performance and individual performance.

We offer a comprehensive and competitive package of benefits covering healthcare, family friendly leaves, pension and life assurance, as well as many other benefits to support your wellbeing.

If your CV meets our criteria, you should expect the following steps in the recruitment process:
    • Online behavioural test (for external candidates only)
    • Telephone screen (for external candidates only)
    • Zoom interview with the hiring manager

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.

We thank all interested candidates for their applications. We reserve the right to contact only selected candidates.

In case you would like to resign from participation in recruitment process or withdraw previously sent to us application, please email us at: krakow.recruitment@hsbc.com
Retour au résultat de la recherche