Job Advert Details
Some careers shine brighter than others.
If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
Your career opportunity
Cybersecurity Technology & Engineering is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business as well as its customers, clients, partners, and staff. The team works in concert, with partner teams across HSBC, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: “Enabling HSBC to be safely successful everywhere the Firm chooses to do business”.
The role will report to the Head of Collaboration Platforms Data Protection, and will be responsible for defining, implementing and maintaining Security Controls across multiple collaboration tooling technologies, to protect sensitive data, while ensuring compliance with both HSBC Data Security controls and global data protection regulations and industry best practice.
You will collaborate with a wide range of stakeholders including Cybersecurity project teams, Control Owners and the business, across all regions and entities, and be a subject matter expert (SME) in the relevant technologies and support areas to implement and support business requirements and function goals.
This role requires a customer-focused mindset, resilience, a strong technical background, and an understanding of risk controls for data security in highly regulated environments.
The role holder will support the strategic direction for the team and ensure adequate solutions are utilised by effectively managing competing and shifting priorities.
What you’ll do
- Support the Collaboration Platform Data Protection Owner: by conducting technical assessments, validation and definition activities, across multiple local and global collaboration tooling technologies, supporting all global regions (including those with any local regulations) and in line with the Data Protection strategy (including M365 Apps, SharePoint, OneDrive, Teams, Zoom, Confluence, Jira etc).
- Facilitate the delivery of the Technology Security Controls via change, through clear strategy, operational planning and effective communication to all affected business functions (including Microsoft, Skyhigh, ProofPoint, Symantec, Data Insights, BigID etc).
- Investigate and embrace innovation to gain a competitive advantage, thinking differently to achieve the best business outcomes, and thinking ahead to identify and overcome potential issues.
- Fully leverage automation and platform integration, where possible, to deliver the best possible end user experience and frictionless data protection.
- Govern risk responsibly, across all regions and business areas, showing integrity whilst promoting and managing relevant monitoring and reporting requirements.
- Support GB/Fs/Markets/CTO: by providing technical consultancy, as part of a business requestable service, or ah-hoc ask, e.g. in response to a regulator exam.
- Support Control Owners: when designing controls, Technical Control Requirements, key indicators and during respective threshold setting.
- Contribute to/authors/owns capability related security standards (e.g. Virtual Data Rooms), architectural patterns and technology configuration definition.
What you need to have to succeed in this role
- 3+ years of experience of Cybersecurity SME/Product Owner/Engineering/Strategy areas.
- A background in information systems, technology, architecture, design, and service delivery of defense-in-depth capabilities.
- Strong stakeholder management skills, with experience of understanding and meeting the needs of multiple stakeholders. An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.
- Experience in data protection, cybersecurity, and risk management within the financial services industry. Customer centric consultancy approach.
- Understanding of data protection controls, regulation, and compliance requirements on a global scale.
- Excellent communication, and interpersonal skills. Experience working in a highly regulated, large multi-national environment. Understanding and knowledge of common industry cyber security frameworks, standards and methodologies
- Experience working within Cloud, SaaS and emerging cloud use-cases for web/mobile and enterprise companies.
- Strong commercial background and knowledge of cybersecurity offerings.
- Expertise and experience in the design and delivery of existing collaboration tooling and the relevant DLP technology solutions: M365 Apps, SharePoint, OneDrive, Teams, Zoom, Confluence, Jira, Microsoft, Skyhigh, ProofPoint, Symantec, Data Insights, BigID.
What we offer
- Competitive salary
- Annual performance-based bonus
- Additional bonuses for recognition awards
- Multisport card
- Private medical care
- Life insurance
- One-time reimbursement of home office set-up (up to 800 PLN).
- Corporate parties & events
- CSR initiatives
- Financial support with trainings and education
- Nursery discounts
- Social fund
- Flexible working hours
- Free parking
If your CV meets our criteria, you should expect the following steps in the recruitment process:
- Online behavioural test (for external candidates)
- Telephone screen (for external candidates)
- Job interview with the hiring manager
We are looking to hire as soon as possible so don’t wait and apply now!
You'll achieve more when you join HSBC.
We thank all interested candidates for their applications. We reserve the right to contact only selected candidates.
In case you would like to resign from participation in recruitment process or withdraw previously sent to us application, please email us at: krakow.recruitment@hsbc.com