Job description

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions.

We are currently seeking an experienced professional to join our team in the role of Cyber Threat Intelligence Lead Analyst.

In this role you will:

  • Hunt for malicious infrastructure (IPs, domains, hashes) following the technical analysis of threat actor tactics, techniques, and procedures.
  • Continually identify data sources and methods to enhance and enrich the collection of malicious infrastructure.
  • Develop processes and conduct adversary engagement to maintain a proactive posture against cyber threats.
  • Produce documentation on threat actor tactics, techniques, and procedures.
  • Document and present technical findings and analysis to internal and external stakeholders.

As a member of the broader CITA team, you will be assisting with and/or responsible for:

  • Monitoring the global cyber threat landscape through open-source channels, raw-commercial datasets, participation in industry/government information sharing organizations/platforms and cultivated personal relationships. 
  • Supporting the maintenance of a global capability for collection that considers market and business requirements and fully leverages the HSBC global footprint around location, culture, language, and proximity to high value partners.
  • Participating in information sharing efforts across the industry that help to drive a positive image of the bank with our peers and regulators in the markets we serve.
  • Participating in and supporting external active engagements with industry partners, law enforcement and the wider security community that project HSBC expertise in protecting the bank and its customers against systemic threats.
  • Supporting a “self-critical” culture whereby weaknesses in the bank's control plane (people, process, and technology) are identified, brought to light in an effective manner, and addressed.
  • Supporting a culture of individual self-improvement whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly. 
  • Advising HSBC leadership on the latest trends in cyber intelligence and best practices, through close collaboration and engagement with industry, academia, and government.
  • Producing Management Information related to the Cyber Intelligence and Threat Analysis mission that is appropriate to the target audience and supported by data and experienced analysis, enabling informed decisions.

Requirements

In this role, you should meet the following requirements:

  • Ability to speak, read, and write in English. 
  • Excellent investigative skills; instinctive and creative, with an ability to think like the adversary.
  • Knowledge of hacker culture, TTPs, and aligning information to MITRE ATT&CK. 
  • An external peer network for sharing intelligence. 
  • Highest ethical standards and values.
  • Knowledge of intelligence analysis principles either through formal education/training or equivalent professional experience. 
  • Experience in identifying and responding to advanced attacker methodologies both within a corporate environment as well as external attack infrastructures, ideally with offensive experience and / or deception environment development (tripwire systems, honeypots, honey token/accounts, etc.) using open source, vendor purchased, and bespoke/in-house developed solutions. 
  • Excellent communication and interpersonal skills with the ability to produce clear and concise technical reports for targeted audiences across internal and external stakeholders.
  • Ability to collaborate across industry, academia, and government to solve complex cyber security problems. 
  • Experience conducting public presentations on complex cyber threat topics for customers, executives, financial sector employees, and external audiences.
  • Experience with various computer programming, scripting, and pattern matching languages (e.g., Python, JavaScript, Yara, etc.) 
  • Knowledge of reverse engineering malware utilizing both dynamic and static analysis tools.
  • Experience with utilizing well known raw threat data sets and their application programming interfaces (APIs) to hunt for threats including post exploitation frameworks. 
  • Knowledge and experience of common intelligence sharing protocols and experience operating within a collective defense environment, with internal stakeholders and external partners. 
  • Knowledge of and experience in analyzing and dissecting advanced attacker tactics, techniques, and procedures to inform adjustments to the cybersecurity control plane.

You’ll achieve more when you join HSBC.

www.hsbc.com/careers

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working, and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued by – HSBC Software Development India