Pracodawca zakończył zbieranie zgłoszeń na tę ofertę

(Cybersecurity Operations) DLP Ops Lead

HSBC Service Delivery (Polska) Sp. z o.o.

  • Kapelanka 42a, Dębniki, Kraków
    Kraków, Lesser Poland
  • offer expired 3 months ago
  • contract of employment
  • full-time
  • manager / supervisor
  • hybrid work
  • remote recruitment
  • запрошуємо працівників з України
Запрошуємо працівників з України
Роботодавець відкритий для працевлаштування громадян України

HSBC Service Delivery (Polska) Sp. z o.o.

Kapelanka 42a



Technologies we use


  • Unix


  • Azure

  • AWS

Operating system

About the project

Global Cybersecurity Operations (GCO) provides a coordinated suite of “Information & Network Defence” services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe. This includes dedicated functions for the Monitoring of potential data loss events within the global estate as well as Information Protection Incident Management and Response.

These two principal functions are supported by additional internal GCO capabilities in: Cyber Incident Monitoring & Response, Cyber Intelligence and Threat Analysis, Security Sciences and Client Engagement and Support Services. Critical to the success of GCO is it close partnership with sister Cybersecurity teams, IT Infrastructure Delivery, and Global Business and Function clients. The overall GCO mission is placed under the purview of the Group Chief Information Security Officer (CISO).).

The Information Protection Monitoring and Response (IPM&R) will act as a strategic response function across the Group on a 24x7x365 basis where existing Information Security controls fail. This function is charged with efficiently and effectively handling Data related incidents

resulting from high severity events and confirmed incidents. The objective is to ensure containment of the issue whilst maintaining close liaison with relevant internal and external parties ensuring an effective risk treatment plan is in place. This mission is critical to the protection

of HSBC customers, the HSBC brand, shareholder value as well as HSBC information and financial assets.

Your responsibilities

  • Managing the response to and/or escalating DLP events with local and regional DLP staff, regional teams and the Information Protection

  • Response (IPR) team to assist with risk assessment and remediation processes.

  • Collaborating with other local and global DLP Leads and IPR Incident Manager Leads to ensure co-ordination of workload and continuous

  • 24x7 information security operations service provision. Raising cases and following up with support for any issues.

  • Ensuring a comprehensive and smooth hand-over between the global teams as shifts end and begin.

  • Developing and reporting metrics and KPIs related to the Data Loss Prevention mission to management in all areas of responsibility.

  • Managing a highly skilled, efficient and effective team of DLP Analysts in achieving their responsibilities, which include:

  • Protecting HSBC Internal, Restricted, and Highly Restricted data in relation to the global DLP monitoring & quarantine tool.

  • Following detailed processes and procedures in security incident response lifecycle and its phases to respond to alerts from DLP

  • monitoring/detection systems within defined OLAs and, where appropriate, escalate data breach events.

  • Triaging potentially malicious events to determine severity of the event.

  • Supporting handovers to other teams and countries at the start and end of the working shift.

  • Leading the continued evolution of data loss prevention capabilities and processes, including automation and orchestration

  • Assessing new technology products and projects utilizing security technologies pertinent to the function.

  • Maintaining a strong awareness of regulatory trends, legislation and industry best practice relating to DLP and Identifying and

  • developing new ideas to enhance our DLP monitoring and response capability.

  • Performance management and development of the DLP Analyst team.

  • Acting as a role model to more junior members of the team including training, developing and mentoring colleagues.

  • Embedding a culture of individual self-improvement, development and self-directed learning whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cyber security more broadly.

  • Ensuring compliance with internal audit and external regulators.

  • Ensuring compliance with HSBC Cybersecurity policies and standards.

  • Collaborating with other teams and industry groups on information security related issues and concerns.

  • Educating Bank staff on personnel risks and controls pertaining to information security-related concepts, compliance, and audit requirements to drive a global up-lift in cyber-security and information protection awareness.

  • Provide Service improvement to the management. Support the fine tuning of Monitoring rules;

  • Responsible for implementing best security practices by understanding the business requirements

Our requirements

  • Excellent investigative skills, insatiable curiosity and an innate drive to win.

  • Proficiency in multiple technical disciplines, analytic and quality assurance techniques.

  • Strong problem-solving and trouble-shooting skills.

  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.

  • Proven experience in crisis management, crisis response frameworks and communications.

  • Demonstrated project and task management skills and ability to track and report progress against established milestones, metrics, and deliverables.

  • Self-motivated and possessing of a high sense of urgency and personal integrity.

  • Instinctive and creative.

  • Quick learner with an ability to share and transfer knowledge.

  • Proficient in preparation of reports, dashboards and documentation. Experience in maintaining various metrics and SLAs. Banking experience is preferred.

  • Highest ethical standards and values.

  • Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.

  • Good understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws.

  • An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.

  • Ability to work independently in a fast-paced environment as part of a distributed team with effective communication and collaboration skills.

  • Strong written and oral communication skills. The ability to communicate effectively (clear, concise, and professionally) at all levels within the Bank.

  • Ability to speak, read and write in English, in addition to your local language.

  • Must have worked as DLP expert and lead team.

  • Hands-on experience implementing, managing, and monitoring security tools and technologies related to DLP, EDR, IAM, PAM, etc.

  • Hands-on experience in security incident response lifecycle and its phases. Ability to handle, resolve data security incidents minimizing impact and respond to escalations.

  • Strong knowledge of various data security tool & techniques such as DLP, CASB etc.

  • Knowledge of industry cyber security regulations and standards.

  • Knowledge of cyber security frameworks (e.g., ISO27001, NIST 800-53, HITRUST CSF, etc).

  • Knowledge of various operating systems including but not limited to Windows, Linux, and UNIX.

  • Knowledge of risk assessment frameworks, tools, technologies, and methods; experience in planning, researching, and developing security policies, standards and procedures, then performing testing and evaluation of documentation and controls with remediation recommendations.


  • Good to have knowledge of tools used for network security (EDR, NIPS, WAF, HIPS, AV, Firewalls, etc).

  • Knowledge of deploying or supporting enterprise logging infrastructure is a plus.

  • Experience with or knowledge of cloud security frameworks on Azure, GCP and AWS is a plus.

  • Experience of working in a financial organization would be beneficial.

  • Experience working in a highly regulated environment.

  • Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.

What we offer

  • Stable job in professional team,

  • Interesting path of career in an international organization,

  • Consistent scope of responsibilities,

  • Private health care, employees’ benefits.


  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • life insurance

  • remote work opportunities

  • flexible working time

  • integration events

  • corporate sports team

  • doctor’s duty hours in the office

  • retirement pension plan

  • corporate library

  • no dress code

  • video games at work

  • coffee / tea

  • parking space for employees

  • leisure zone

  • extra social benefits

  • employee referral program

  • opportunity to obtain permits and licenses

  • charity initiatives

  • family picnics

  • extra leave

Recruitment stages

Online assessment


Phone interview


Zoom interview


Welcome to HSBC!

HSBC Service Delivery (Polska) Sp. z o.o.

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 63 countries and territories.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

Scroll to the company’s profile