Job Advert Details
Some careers shine brighter than others.
If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
Your career opportunity
Offensive Security provides an independent challenge to HSBC’s cybersecurity posture by bringing the attacker’s mindset to find and exploit vulnerabilities and to simulate real-world attacks. Through this, OffSec discover weaknesses across people, process, and technology, enabling the Firm to better understand its exposure to cybersecurity attacks and to drive a proactive approach to protect itself and to manage risk more effectively.
The Head of Crowd-sourced Testing leads Bug Bounty activities across HSBC, including the delivery of requirements under the Firm’s cybersecurity controls. They are responsible for ensuring engagement with “the crowd", ensuring information about all applicable services is available to security researchers, triaging, managing, and communicating findings to internal technology teams, and identifying thematic issues and driving targeted engagement across these areas.
This role holder will engage with a diverse set of stakeholders in order to achieve the objectives of the crowd-sourced testing, including Business and Functions, Cybersecurity Leads, Heads of Cybersecurity functions, Control Owners, and Regulators.
What you’ll do
- Delivery of the Bug Bounty to meet the requirements of HSBC’s cybersecurity controls, auditors, and global regulators.
- Ensure the crowd is leveraged with well scoped with clearly defined objectives and delivered on time through an approach that scales and minimises operational risk.
- Identify thematic findings in line with threat actor techniques and procedures, and the shifting technology landscape within HSBC, and driving the crowd to target these areas.
- Accountable for the delivery of the change and continuous uplift across crowd-sourced testing.
- Control and protect the bank’s technology, information, and customers.
- Lead small team to manage operation of the Bug Bounty.
What you need to have to succeed in this role
Proven experience in identifying and communicating security vulnerabilities across Web, APIs, Infrastructure, and Mobile (e.g., penetration testing).
Formal education and advanced degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same.
Excellent understanding of cybersecurity principles, global financial services business models, regional regulations and applicable laws.
Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
Experience working in highly sensitive projects and a highly regulated environment.
Experience in identifying vulnerabilities by leveraging “the crowd" (e.g., Bug Bounty)
What we offer
- Competitive salary
- Annual performance-based bonus
- Additional bonuses for recognition awards
- Multisport card
- Private medical care
- Life insurance
- One-time reimbursement of home office set-up (up to 800 PLN).
- Corporate parties & events
- CSR initiatives
- Financial support with trainings and education
- Nursery discounts
- Social fund
- Flexible working hours
- Free parking
If your CV meets our criteria, you should expect the following steps in the recruitment process:
- Online behavioural test (for external candidates)
- Telephone screen (for external candidates)
- Job interview with the hiring manager
We are looking to hire as soon as possible so don’t wait and apply now!
You'll achieve more when you join HSBC.
We thank all interested candidates for their applications. We reserve the right to contact only selected candidates.
In case you would like to resign from participation in recruitment process or withdraw previously sent to us application, please email us at: krakow.recruitment@hsbc.com