02 feb
Hsbc
Xico
-Job description
If you're looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you'll be.
HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories.
We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.
We are currently seeking an experienced professional to join our team in the role of **Lead Cybersecurity Operations Integration Analyst**
The role holder will be a key technical and engagement lead,
tasked with achieving the desired outcomes via proactive and collaborative stakeholder engagements across the technology landscape.
Working closely with the technology owners and the SOC Monitoring & Threat Detection and Incident Response teams, the role holder will continuously review and manage onboarding requests to ensure a cyber-threat intelligence led approach to the prioritisation of engagements.
This is a key role that underpins the foundational capabilities that support the Global Cybersecurity Operations & Intelligence mission to respond to cyber-threats against HSBC rapidly, effectively and consistently.
**Main Activities**:
- Supporting the technical development, implementation and maintenance of a technology and log ingestion framework that aligns to control requirements and supports a cyber-threat intelligence led approach to the detection, response and containment of cyber-threats.
- Supporting and maintaining the technical aspects of a flexible stakeholder engagement model that caters for both proactive and reactive collaboration and can rapidly adjust and reprioritise workloads in response to the changing threat-landscape.
- Contributing to the building and maintaining strong processes and collaborative working practices with supporting teams in Sustainable Cybersecurity Operations and the wider Global Cybersecurity Operations & Intelligence teams.
- Building relationships and engagements with the many technology and platform owner stakeholders.
- Successfully maintaining these relationships and delivering prioritised outcomes in an environment where relationships can be complex and priorities are often divergent.
- Maintaining governance across all Cyber Ops Integration activities and ensuring the creation, collection and processing of key data points to feed into relevant service reporting e.g.
service delivery metrics, KPIs, KCIs, and performance dashboards.
- Supporting the development and maintenance of a functional strategy that supports continuous improvement and is aligned to the wider Sustainable Cybersecurity Operations and Global Cybersecurity Operations & Intelligence strategy and goals.
Requirements
- Experience in a cybersecurity or technical position, preferably in the finance or similarly regulated sector.
- Industry recognised cybersecurity related certifications including: CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP
- Formal education and advanced degree in Information Security, Cyber-security, Computer Science, or similar and/or commensurate demonstrated work experience in the same.
- Certified in the use and management of core security platforms such as SIEM, SOAR, EDR, XDR, NDR, Firewalls, Proxies etc.
- Core technical platform / OS certifications e.g.
Windows, Linux, MacOS.
- Knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, AV, EDR, Firewalls, Proxies etc.
- Knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc.
and network protocol analysis suits.
- Excellent knowledge of common enterprise technology infrastructure, platforms and tooling, including; Windows, Linux, infrastructure management and networking hardware.
- Some technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google their associated security tooling/platforms.
- Knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.
- Knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM)
tools such as Splunk Enterprise Security or Microsoft Sentinel.
Knowledge of cloud based "data lake" solutions used for the collection and real-time advanced analysis of security information.
- Good understanding of HSBC cybersecurity principles, global financial services business models, regional compliance regulations and applicable laws.
- Good understanding and knowledge of common industry cybersecurity frameworks, standards and methodologies, including; OWASP, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards, and the MITRE ATT&CK; Framework.
- Experience in a leadership position within a cyber-security operations team to include team and capability development, staff
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.