HSBC Group

• Responding to alerts from across the entire global HSBC technology and information estate to quickly detect harmful behaviors and events, containing, mitigating and remediating minor incidents and in coordination with the Cybersecurity Incident Management and Response Team, effectively containing, mitigating and remediating more serious events. 

• Supporting cyber security incidents through to eradication and feed in to the Post Incident Review process that delivers detailed analysis on the root cause of incidents investigated and produces findings and recommendations that support control adjustments to better protect the bank.

• Identifying, developing and implementing new detections (Use cases) and mitigations (Playbooks) across the security platforms.

• Reviewing and approving new Use Cases and Playbooks created by Cybersecurity colleagues.

• Continuously reviewing the effectiveness of analysis playbooks, processes, and tooling.

• Applying structured analytical methodologies to maximise threat intelligence growth and service efficacy.

• Supporting the triage of potentially malicious events to determine severity and criticality of the event.

• Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.

• Excellent investigative skills, insatiable curiosity and an innate drive to win. Instinctive and creative, with an ability to think like the enemy.

• Strong problem-solving, trouble-shooting and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.

• Developed external peer network for sharing intelligence.

• An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business. Self-motivated.

• An understanding of organisational mission, values and goals and consistent application of this knowledge as well as highest ethical standards and values.

• Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.

• Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, CIST and NIST standards and network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP.

• Technical expertise in analysing threat event data, evaluating malicious activity, documenting unusual files and data and identifying tactics used by attackers.

• Competitive salary

• Annual performance-based bonus

• Additional bonuses for recognition awards

• Multisport card

• Private medical care

• Life insurance

• One-time reimbursement of home office set-up (up to 800 PLN).

• Corporate parties & events

• CSR initiatives

• Nursery discounts

• Financial support with trainings and education

• Social fund

• Flexible working hours 

• Free parking

• Online behavioural test (for external candidates only)

• Telephone screen (for external candidates only)

• Job interview with the hiring manager