Must have

• ITIL

• Security

• CIS

• NIST

• English (C1)

Requirements description

What you need to have to succeed in this role

• A background in information systems, technology, business requirments, design, and service delivery of defense-in-depth capabilities.
• Understanding and knowledge of common industry cyber security frameworks, standards and methodologies
• Experience working within integrated networked on-prem and Cloud environments with Third party and SaaS connectivity and that require cloud use-cases for web/mobile and enterprise companies.
• Experienced in supporting a network capability, technology or platform.
• Data and process modelling

Offer description

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

Global Defense Engineering is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business as well as its customers, clients, partners, and staff.  The team works in concert, with partner teams across HSBC, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape.

The function operates under the vision: “Enabling HSBC to be safely successful everywhere the Firm chooses to do business.”

Your responsibilities

1. Supports Control Owners: Collaboration with key risk stakeholders in the elaboration of network visibility processes and requirements to align with the risk appetite of the bank. Ensuring requirements can be measured against key indicators and with respective threshold settings.
2. Supports NSEC Capability Leads: elaboration and maintenance of the visibility requirements to provide visibility of all aspects of the network and support risk identification and prioritisation of work to close any existing risks.
3. Define capability to supports GBGFs/Markets/CTO: to understand their use of the network and how they can improve the posture of their applications and how their applications use the network.
4. Collect requirements for a comprehensive capability to detect and report network related cyber events.
5. Working with the solution security architect, GBGF and SOC stakeholders agree a comprehensive capability to detect and report network related cyber events.
6. Contributes to the design of metrics for the NSEC control and ensure clear requirements are defined for all metrics and KCI.

show all (7)