HSBC Group

If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of Data Loss Prevention (DLP) Analyst

Role Purpose:

Global Cybersecurity Operations (GCO) provides a coordinated suite of “Information & Network Defence” services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe. This includes dedicated functions for the Monitoring of potential data loss events within the global estate as well as Information Protection Incident Management and Response. These two principal functions are supported by additional internal GCO capabilities in: Cyber Incident Monitoring & Response, Cyber Intelligence and Threat Analysis, Security Sciences and Client Engagement and Support Services.  Critical to the success of GCO is it close partnership with sister Cybersecurity teams, IT Infrastructure Delivery, and Global Business and Function clients. The overall GCO mission is placed under the purview of the Group Chief Information Security Officer (CISO).).

The Information Protection Monitoring and Response (IPM&R) will act as a strategic response function across the Group on a 24x7x365 basis where existing Information Security controls fail.  This function is charged with efficiently and effectively handling Data related incidents resulting from high severity events and confirmed incidents.  The objective is to ensure containment of the issue whilst maintaining close liaison with relevant internal and external parties ensuring an effective risk treatment plan is in place.  This mission is critical to the protection of HSBC customers, the HSBC brand, shareholder value as well as HSBC information and financial assets.

Main Activities:

• The Data Loss Prevention Analyst is accountable for:
• Monitoring and protecting HSBC Internal, Restricted, and Highly Restricted data in relation to the global DLP monitoring & quarantine tool.
• Following detailed processes and procedures in security incident response lifecycle and its phases.
• Handling an acceptable volume of data events ensuring that the task is analysed thoroughly, and a correct resolution is provided and recorded in the tool within suggested OLA.
• Managing the response to and/or escalating DLP events with local and regional DLP staff, regional teams, and the Information Protection Response (IPR) team to assist with risk assessment and remediation processes.
• Providing 24/7 availability of Support for any critical investigations and support for the global DLP monitoring tool.
• Supporting handovers to other teams and countries at the start and end of the working shift.
• Coordinating the actions of multiple business units during the response to DLP events and incidents.
• Adhering to HSBC internal risk and compliance processes and standards.
• Cultivating strong relationships with organisationally important global Business stakeholders whose support and knowledge are vital in delivering the remediation of DLP events and incidents.
• Providing timely and relevant updates to appropriate stakeholders and decision makers during Providing timely and relevant updates to appropriate stakeholders and decision makers during DLP events.
• Collaborating with the wider Cybersecurity (and IT) teams.
• Maintaining DLP metrics including the identification and development of relevant key data and appropriate reporting mechanisms to ensure accuracy for report management.
• Maintaining a strong awareness of regulatory trends, legislation and industry best practice relating to DLP and Identifying and developing new ideas to enhance our DLP monitoring and response capability.
• Supporting engagement in support of HSBC Global Businesses and Functions to drive a global up-lift in cyber-security and information protection awareness.

• Proficiency in multiple technical disciplines, analytic and quality assurance techniques.
• Good problem-solving and trouble-shooting skills.
• Quick learner with an ability to share and transfer knowledge.
• Ability to work effectively in a team with cross-cultural environments.  
• Self-motivated and able to work independently.
• Highest ethical standards and values.
• Ability to understand, work with and interpret numeric data.
• Strong written and oral communication skills with the ability to communicate technical topics (clear, concise, and professionally) at all levels within the Bank.
• Demonstrate strong organizational and time management skills to meet department standards of productivity and quality in a production environment.
• Ability to build and maintain cordial relationship with users, peers and people at all levels using diplomacy, judgment and interpersonal skills.
• Ability to speak, read and write in English, in addition to your local language.

Technical Skills

• Experience in monitoring and analysing DLP events on the DLP solution.
• Experience in day-to-day operations of the Data Loss Prevention (DLP) process.
• Hands-on experience of following detailed processes and procedures in security incident response lifecycle and its phases.
• Ability to handle, resolve data security events minimizing the impact to the Bank, employees, and customer.
• Ability to understand and follow the incident response process through event escalations. 
• Ability to learn the proper use and protection of data (required).
• Ability to work through the DLP event queue and resolve tickets quickly.
• Good level knowledge of GDPR requirements and regulations.
• Strong knowledge of various data security tool & techniques incl DLP, CASB.
• Knowledge of common operating systems and platforms.

Flexible work availability to support the DLP team’s responsibilities.

Industry Experience and Qualifications

• Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
• From 1 to 2 year(s) of progressive experience in Data Security and Incident Response
• 2 years of experience in one or more of the following areas:
• DLP security control maintenance
• ITIL Foundation knowledge
• Strong background in Security processes and incident management tools
• Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.
• Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.
• Any suitable combination of education, training, or experience is acceptable.

Competences

• Work as a team
• Independent
• Provide Guidance
• Active Listener
• Good Communication

Due to the urgent hiring need, candidates with immediate right to work locally and no relocation need will be prioritised.

At HSBC we offer our colleagues a greater number of leave days so that they can fully enjoy their wedding, take care of the new member of the family, or grieve the loss of a family member. Our paid leave package is at the forefront in Mexico, now you have one more reason to be HSBC and proudly live a culture of well-being, balance, and care.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

***Issued By HSBC Electronic Data Process Mexico Private LTD***