Pracodawca zakończył zbieranie zgłoszeń na tę ofertę

Aktualne oferty pracodawcy

Pracodawca zakończył zbieranie zgłoszeń na tę ofertę

Aktualne oferty pracodawcy
Oferta z szybkim aplikowaniem 
co to?
Na oferty z aktywnym „Aplikuj szybko” zaaplikujesz jednym kliknięciem. Korzystają one z danych używanych przez Ciebie przy ostatnim aplikowaniu. Jeśli jeszcze tego nie robiłaś/eś, nie przejmuj się. Za pierwszym razem trafisz na pełny formularz aplikowania.

(Cybersecurity) Cyber Risk Technical Manager

HSBC Service Delivery (Polska) Sp. z o.o.

  • Kapelanka 42a, Dębniki, Kraków
    Kraków, Lesser Poland
  • offer expired over a month ago
  • contract of employment
  • full-time
  • manager / supervisor
  • hybrid work
  • remote recruitment
  • запрошуємо працівників з України
ukrainian-friendly-overlay
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України

HSBC Service Delivery (Polska) Sp. z o.o.

Kapelanka 42a

Dębniki

Kraków

Technologies we use

Expected

  • CRQ

About the project

HSBC is the largest bank in Europe and is also one of the largest investment banks in the world. GBM IT provides technology solutions for its Global Banking and Markets business worldwide.

We are currently seeking an experienced Cyber Risk Technical Manager for the CRQ team, with responsibility for performing research and development into threat actors, cyber incidents, defensive controls, software and human vulnerabilities, and the overall digital exposure of the bank.

The role presents a unique opportunity to work on novel modelling methods which will have a real world impact on how HSBC manages its cyber risk through quantification of the varied cyber risks in today’s world

Your responsibilities

  • Support the CRQ research and development team in building probable threat scenarios

  • Work closely with our data scientists, modellers and analysts to assess the relevance and effectiveness of existing cyber controls and processes, in terms of data sources and threat modelling.

  • Work with CRQ data scientists and modellers to determine the influencing attributes of technical controls that impact the likelihood of a vulnerability being exploited

  • Support Cyber SMEs in assessing technical vulnerabilities for use as parameters in the model

  • Work with wider Cybersecurity teams to determine the correct control measures for the model

  • Work with cyber SMEs to ensure scenarios are based on real-world examples

  • Validate key findings with team members and stakeholders and provide insights to ensure high quality inputs to the model

Our requirements

  • Strong experience of threat management and/or threat modelling, particularly Mitre ATT&CK

  • Knowledge of adversarial tactics, techniques, and procedures (TTPs).

  • Detailed knowledge of cyber-attack landscape and how attacks are carried out.

  • Knowledge of Cyber Threat Intelligence (CTI) and how it can be used to determine threat likelihood

  • Real world knowledge and experience of cyber threats and how vulnerabilities can be exploited.

  • Analytical approach to understanding how security controls affect exploitation and mitigate threats.

  • Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions or operations will affect these outcomes.

  • Knowledge of corporate security architecture; networking concepts and protocols, network security methodologies, host-based security products, particularly in Financial Services

  • Good understanding of risk management; inherent vs residual risk, risk appetite vs threshold, risk treatment

  • Familiarity with the NIST Cyber Security Framework (CSF) would be beneficial

  • Experience with working with cyber metrics and numerical data

  • Ability to translate difficult IT concepts into business-friendly language

  • Team-oriented mentality combined with ability to complete tasks independently to a high quality standard

  • Influential, credible and persuasive, active listener, embraces HSBC Values, shows good judgement and demonstrating high level of communication skills in order to achieve effective stakeholder management.

  • Recognised qualifications beneficial: SANS (any related to threats and controls), OSCP, CISSP, CCSP

  • Alternatively, demonstrable experience in either Blue or Purple Teams

What we offer

  • Contact with top IT technologies available in the market.

  • Employees’ benefits: Multisport Card, private medical and dental health care, life insurance,

  • Free parking space for our employees – few minutes from the office,

  • Internal training events and workshops,

  • Realistic career progression opportunities in an international organization,

  • Casual dress code,

  • Cultural exchange.

Benefits

  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • life insurance

  • remote work opportunities

  • flexible working time

  • integration events

  • corporate sports team

  • doctor’s duty hours in the office

  • retirement pension plan

  • corporate library

  • no dress code

  • video games at work

  • coffee / tea

  • parking space for employees

  • leisure zone

  • extra social benefits

  • employee referral program

  • opportunity to obtain permits and licenses

  • charity initiatives

  • family picnics

  • extra leave

Recruitment stages
1

Phone interview

2

Online assessment

3

Zoom interview

4

Welcome to HSBC!

HSBC Service Delivery (Polska) Sp. z o.o.

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 63 countries and territories.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

Scroll to the company’s profile