10 feb
Hsbc
Xico
-Job description
If you're looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you'll be.
HSBC is one of the largest banking and financial services organisationsin the world, with operations in 64 countries and territories.
We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realis their ambitions.
We are currently seeking an experienced professional to join our team in the role of **Títulode puesto.
**
**Lead Analyst (GCO)**
Global Cybersecurity Operations (GCO)
provides a coordinated suite of "Network Defence" services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe and is under the management of the Head of Global Cybersecurity Operations.
This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities.
These two principal functions are supported by additional internal Global Defence (GD) capabilities in: Cyber Intelligence and Threat Analysis, Technical Director Office, Cybersecurity Engineering and Service Reliability Engineering.
Critical to the success of GCO is its close partnership with sister Cybersecurity teams, IT Infrastructure Delivery and Global Business and Function clients.
The overall GCO and GD mission is placed under the purview of the Cybersecurity Chief Technology Officer (CTO) and the Group Chief Information Security Officer (CISO).
The Cybersecurity Monitoring and Threat Detection Team are charged with efficiently and effectively monitoring the HSBC global technology and information estate 24x7.
The team's mission is to detect the presence of any adversary within the estate, quickly analyse the severity and scope of the issue and work with the Cybersecurity Incident Management and Response Team to contain, mitigate and remediate the incursion.
In addition, the team is responsible for constantly improving its detection capability through attack analysis and ensuring that the appropriate security event information is being fed into the team and that the alerting rules are tuned for maximum effectiveness.
This mission is critical to the protection of HSBC customers, the HSBC brand, shareholder value, as well as HSBC information and financial assets.
Lead Analysts are responsible for leading the analysis of and supporting the response to cyber security events within HSBC, using the latest threat monitoring and detection technologies to detect,
analyse and respond.
The Lead Analyst must:
- Work as a senior member of the Monitoring and Threat Detection team within an "Analysis POD" tasked with triage of threat detection events from across the entire global HSBC technology estate.
- Collaborate with colleagues across Threat Detection and Incident Management areas to ensure a rapid and focussed identification and escalation of potential threat events.
- Provide support into Incident Response actions, providing SME knowledge to ensure continuity and depth of investigation.
- Involvement in "Purple Team" and Threat Simulation activities, ensuring that the detection capability is accurately assessed and validated.
- Collaborate with the Threat Hunters on hypothesis driven threat hunt and advanced data analysis.
- Contribute to Post-Incident reviews,
ensuring that output is captured and use to continually improve detection posture.
- Provide quality assurance and oversight to investigation tickets, ensuring that ideas for improvement and training are captured in an objective manner.
- Support the Crew Lead during shift handovers, ensuring the effective operations 24x7x365.
- Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
- Train, develop, mentor and inspire cybersecurity colleagues in area(s) of specialism.
- Identifying new SIEM detection use cases, taking end-to-end ownership of the delivery including testing, triage documentation and training requirements.
- Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources, reducing manual repetitive tasks where possible.
Requirements
**Skills**
- Excellent investigative skills, insatiable curiosity and an innate drive to win.
- Instinctive and creative, with an ability to think like the enemy.
- Strong problem-solving and trouble-shooting skills.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
- Self-motivated and possessing of a high sense of urgenc
Muestra tus habilidades a la empresa, rellenar el formulario y deja un toque personal en la carta, ayudará el reclutador en la elección del candidato.