HSBC Group

Business: Cybersecurity
Open positions:1
Recruiter Name :  Veronica Zhong

Why join us？

Global Cybersecurity is responsible for enabling businesses and functions to manage their information, technology and cybersecurity risks by ensuring these are well-understood, and that controls used the manage such events are defined, assessed and implemented appropriately. Cybersecurity predominantly delivers this via objective, independent, professional and specialized subject matter experts. The role forms part of the 1LoD in relation to the risk management framework.

Offensive Security serves a crucial role in helping HSBC protect itself and proactively manage Cybersecurity risk by providing the mindset of the attacker. Offensive Security drives a thorough understanding of Cybersecurity attacks by acting as an independent challenge, simulating real-world attacks, performing regular penetration testing, and innovating approaches to find vulnerabilities.

What you’ll do:

The Head of Engagement leads a small, but crucial, team helping to bridge Offensive Security Practitioners with customers across Technology and the wider business.
Through this, the engagement team ensure the successful delivery of over 1,000 penetration tests a year as well as a multitude of other Offensive Security activities.

Key responsibilities for this position are:
•    Development and maintenance of the Schedule of Offensive Security activities across Penetration Testing, Red Teaming, and Security Research to meet control requirements and business requests.
•    Oversight and coordination of Offensive Security activities across the organisation, to ensure they are strategically planned and executed.
•    Collaborate with Offensive Security leadership with different regions to align strategies, share knowledge, and ensure consistent standards and practices globally.
•    Management of business stakeholders to define the scope of Offensive Security activities and collect information and requirements to ensure activities are able to complete.
•    Act as primary point of contact for business stakeholders throughout project scheduling, initiation, scoping, and up to handover to technical SME; ensuring client satisfaction.
•    Reporting on progress against planned deliverables, and timely escalation of challenges, to Offensive Security leadership team, and Cybersecurity Business/Service-line Leads.
•    Continuous improvement of engagement processes to improve successful outcomes, reduce stakeholder toil, and reduce escalations.
•    Drive to increase the use of data and automation to streamline and simplify processes.

What you will need to succeed in the role:

•    A working understanding of one-or-more Offensive Security approaches (e.g., penetration testing).
•    Extensive leadership experience, especially in cross-functional and cross-country collaboration
•    Experience in working with business stakeholders and ability to communicate clearly and effectively.
•    Strong ability to manage multiple, complex engagements simultaneously.
•    This role reports directly to the Global Head of Offensive Security, and supports all Offensive Security service lines.

Link to Candidate User Guide: 
https://hsbchrdirect.service-now.com/esc?id=kb_article&table=kb_knowledge&sysparm_article=KB0171506&sys_kb_id=9991a4861bc399d4517b10e3b24bcbc8

You’ll achieve more at HSBC

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.” 

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website. 

* The information contained in this job description is a true and accurate reflection of the job as specified.