Must have

• Java

• API

• Backend

• Security

• Spring Boot

• Cache

• Cloud

• GCP

• AWS

• Azure

• Design Patterns

• Data models

• Linux

• Networking

• Storage

• JVM

• Docker

• K8s

• AppDynamics

• Splunk

• DevOps

• VPC

• IAM

• Communication skills

• English (C1)

Nice to have

• SQL

• Tomcat

• Cloud Native

• Angular

• React

• User interface

• TOGAF

Requirements description

What you need to have to succeed in this role

• Demonstrated experience running highly sensitive projects.
• Participation in the Cyber Security industry.
• Understanding of analysis of common operating system, such as Linux, Windows, Google Android and iOS.
• Demonstrated experience in third party vulnerability disclosure.
• Demonstrated experience in software development.
• Demonstrable experience in tooling, automation and prototyping.
• Demonstrated experience in source code review
• Demonstrated experience in penetration testing

Offer description

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

Offensive Security provides an independent challenge to HSBC’s cybersecurity posture by bringing the attacker’s mindset to find and exploit vulnerabilities and to simulate real-world attacks. Through this, OffSec discover weaknesses across people, process, and technology, enabling the Firm to better understand its exposure to cybersecurity attacks and to drive a proactive approach to protect itself and to manage risk more effectively.

The Security Research team, within the Global Cybersecurity Research and Offensive Security CROS function, provides a specialist approach to assessing the security of systems and technology, identifying previously unknown vulnerabilities and new attack techniques. Additionally, the Security Research team supports the wider CROS function by developing tools and automation of processes to enhance security assessment.

Your responsibilities

1. Deliver security research projects focused on HSBC critical services, ensuring that design, quality and implementation of controls do not expose the bank to a significant level of risk.
2. Identify previously unknown vulnerabilities and new attack techniques.
3. Work with key stakeholders to proactively drive the reduction in Cybersecurity risks and improve the security risk posture of HSBC within the business risk appetite.
4. Provide subject matter expertise and guidance to a broad range of stakeholders across global business and functions.
5. Engage with relevant programmes that are critical to the bank.
6. Understand the financial services industry security and threat landscape.

show all (8)