sharing the costs of sports activities
Pracodawca zakończył zbieranie zgłoszeń na tę ofertę
Aktualne oferty pracodawcyPracodawca zakończył zbieranie zgłoszeń na tę ofertę
Aktualne oferty pracodawcyOferta z szybkim aplikowaniem
co to?
Na oferty z aktywnym „Aplikuj szybko” zaaplikujesz jednym kliknięciem. Korzystają one z danych używanych przez Ciebie przy ostatnim aplikowaniu. Jeśli jeszcze tego nie robiłaś/eś, nie przejmuj się. Za pierwszym razem trafisz na pełny formularz aplikowania.
(Cybersecurity) Cyber Risk Technical Manager
HSBC Service Delivery (Polska) Sp. z o.o.
- Kapelanka 42a, Dębniki, KrakówKraków, Lesser Poland
- offer expired over a month ago
- contract of employment
- full-time
- manager / supervisor
- hybrid work
- remote recruitment
- запрошуємо працівників з України
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України
HSBC Service Delivery (Polska) Sp. z o.o.
Kapelanka 42a
Dębniki
Kraków
Technologies we use
Expected
CRQ
About the project
HSBC is the largest bank in Europe and is also one of the largest investment banks in the world. GBM IT provides technology solutions for its Global Banking and Markets business worldwide.
We are currently seeking an experienced Cyber Risk Technical Manager for the CRQ team, with responsibility for performing research and development into threat actors, cyber incidents, defensive controls, software and human vulnerabilities, and the overall digital exposure of the bank.
The role presents a unique opportunity to work on novel modelling methods which will have a real world impact on how HSBC manages its cyber risk through quantification of the varied cyber risks in today’s world
Your responsibilities
Support the CRQ research and development team in building probable threat scenarios
Work closely with our data scientists, modellers and analysts to assess the relevance and effectiveness of existing cyber controls and processes, in terms of data sources and threat modelling.
Work with CRQ data scientists and modellers to determine the influencing attributes of technical controls that impact the likelihood of a vulnerability being exploited
Support Cyber SMEs in assessing technical vulnerabilities for use as parameters in the model
Work with wider Cybersecurity teams to determine the correct control measures for the model
Work with cyber SMEs to ensure scenarios are based on real-world examples
Validate key findings with team members and stakeholders and provide insights to ensure high quality inputs to the model
Our requirements
Strong experience of threat management and/or threat modelling, particularly Mitre ATT&CK
Knowledge of adversarial tactics, techniques, and procedures (TTPs).
Detailed knowledge of cyber-attack landscape and how attacks are carried out.
Knowledge of Cyber Threat Intelligence (CTI) and how it can be used to determine threat likelihood
Real world knowledge and experience of cyber threats and how vulnerabilities can be exploited.
Analytical approach to understanding how security controls affect exploitation and mitigate threats.
Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions or operations will affect these outcomes.
Knowledge of corporate security architecture; networking concepts and protocols, network security methodologies, host-based security products, particularly in Financial Services
Good understanding of risk management; inherent vs residual risk, risk appetite vs threshold, risk treatment
Familiarity with the NIST Cyber Security Framework (CSF) would be beneficial
Experience with working with cyber metrics and numerical data
Ability to translate difficult IT concepts into business-friendly language
Team-oriented mentality combined with ability to complete tasks independently to a high quality standard
Influential, credible and persuasive, active listener, embraces HSBC Values, shows good judgement and demonstrating high level of communication skills in order to achieve effective stakeholder management.
Recognised qualifications beneficial: SANS (any related to threats and controls), OSCP, CISSP, CCSP
Alternatively, demonstrable experience in either Blue or Purple Teams
What we offer
Contact with top IT technologies available in the market.
Employees’ benefits: Multisport Card, private medical and dental health care, life insurance,
Free parking space for our employees – few minutes from the office,
Internal training events and workshops,
Realistic career progression opportunities in an international organization,
Casual dress code,
Cultural exchange.
Benefits
private medical care
sharing the costs of foreign language classes
sharing the costs of professional training & courses
life insurance
remote work opportunities
flexible working time
integration events
corporate sports team
doctor’s duty hours in the office
retirement pension plan
corporate library
no dress code
video games at work
coffee / tea
parking space for employees
leisure zone
extra social benefits
employee referral program
opportunity to obtain permits and licenses
charity initiatives
family picnics
extra leave
Recruitment stages
1
Phone interview
2
Online assessment
3
Zoom interview
4
Welcome to HSBC!
HSBC Service Delivery (Polska) Sp. z o.o.
HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 63 countries and territories.
HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.
Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.