Some careers shine brighter than others.
If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions.
Department: Cybersecurity
In this role you will:
The role holder will lead the team to achieve the desired outcomes via proactive and collaborative stakeholder engagements across the technology landscape. Working closely with the technology owners and the operational security teams, the role holder will continuously review and manage onboarding requests to ensure a cyber-threat intelligence led approach to the prioritisation of engagements and focus areas.
This is a key role that underpins the foundational capabilities that support the Global Cybersecurity Operations & Intelligence mission to respond to cyber-threats against HSBC rapidly, effectively and consistently.
Key Responsibilities:
- Developing, implementing and maintaining a technology and log ingestion framework that aligns to control requirements and supports a cyber-threat intelligence led approach to the detection, response and containment of cyber-threats.
- Developing and maintaining a flexible stakeholder engagement model that caters for both proactive and reactive collaboration and can rapidly adjust and reprioritise workloads in response to the changing threat-landscape.
- Building and maintaining strong processes and collaborative working practices with supporting teams in Sustainable Cybersecurity Operations and the wider Global Cybersecurity Operations & Intelligence teams.
- Building relationships and engagements with the many technology and platform owner stakeholders.
- Successfully maintaining these relationships and delivering prioritised outcomes in an environment where relationships can be complex and priorities are often divergent.
- Maintaining governance across all Cyber Ops Integration activities and ensuring the creation, collection and processing of key data points to feed into relevant service reporting e.g. service delivery metrics, KPIs, KCIs, and performance dashboards.
- Setting team goals and objectives and managing staff performance.
- Ensuring the team are proactive, tenacious and self-driven. This role requires both a reactive and a proactive approach to ensure risks are reduced and the correct priorities are always identified.
- Developing and maintaining a functional strategy that support continuous improvement and is aligned to the wider Sustainable Operations and Global Cybersecurity Operations & Intelligence strategy and goals.
To be successful in this role you should meet the following requirements:
- Bachelor’s degree
- Experience : 15 + years
- 5+ years of experience in a cybersecurity related leadership position, preferably in the finance or similarly regulated sector.
- Excellent knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, AV, EDR, Firewalls, Proxies etc.
- Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits.
- Excellent knowledge of common enterprise technology infrastructure, platforms and tooling, including; Windows, Linux, infrastructure management and networking hardware.
- Good knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google their associated security tooling/platforms.
- Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.
- Excellent knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools such as Splunk Enterprise Security. Knowledge of cloud based “data lake” solutions used for the collection and real-time advanced analysis of security information.
- Ability to identify, develop and track key performance indicator (KPI) and key control indicator (KCI) metrics for accurate and contextual evaluation of operational effectiveness as well as providing recommendations for control improvement and mitigating control adjustments.
- Good knowledge of intelligence analysis principles either though formal education / training or equivalent professional experience.
- Industry recognised cybersecurity related certifications including: CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP
- Certified in the use and management of core security platforms such as SIEM, SOAR, EDR, XDR, NDR, Firewalls, Proxies etc
- Core technical platform / OS certifications e.g. Windows, Linux, MacOS
Candidate User Guide: India HTC - IND HSDI : IJP candidate user guide (service-now.com)
You’ll achieve more when you join HSBC.
www.hsbc.com/careers
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working, and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Issued by – HSBC Software Development India