Oferta pracy

Thank you for interest in HSBC. . Before you apply, please note that we will take into the consideration only applications that include the following statement: . “I hereby declare that I have familiarised myself with the Privacy Statement for Applicants published at http://www.about.hsbc.pl/careers and I give my consent to use my personal data included in my application for the purposes of recruitment in HSBC Service Delivery (Polska) Sp. z o. o. according to the rules described in the Privacy Statement for Applicants, as per the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).” . Due to the high number of applications, we reserve the right to contact selected candidates only. . In case you would like to resign from participation in the recruitment process or withdraw previously sent application, please email us at: [email protected]
Oferta z szybkim aplikowaniem 
co to?
Na oferty z aktywnym „Aplikuj szybko” zaaplikujesz jednym kliknięciem. Korzystają one z danych używanych przez Ciebie przy ostatnim aplikowaniu. Jeśli jeszcze tego nie robiłaś/eś, nie przejmuj się. Za pierwszym razem trafisz na pełny formularz aplikowania.

(Cybersecurity Operations) Lead Analyst

HSBC Service Delivery (Polska) Sp. z o.o.About the company

  • Kapelanka 42a, Kraków
    Kraków, Lesser Poland
  • Valid 15 hours
  • Remote recruitment
  • Remote work
  • contract of employment
  • full-time
  • manager / supervisor

HSBC Service Delivery (Polska) Sp. z o.o.

Kapelanka 42a

Kraków

Technologies we use

Expected

  • Linux

  • Oracle

  • Windows Server

  • iOS

About the project

Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defense” services responsible for detecting and responding to information and cybersecurity threats to company assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities.

Your responsibilities

  • Responding to alerts from across the entire global HSBC technology and information estate to quickly detect harmful behaviors and events

  • Containing, mitigating and remediating minor incidents and in coordination with the Cybersecurity Incident Management and Response Team, effectively containing, mitigating and remediating more serious events

  • Supporting cyber security incidents through to eradication and feed in to the Post Incident Review process that delivers detailed analysis on the root cause of incidents investigated and produces findings and recommendations that support control adjustments to better protect the bank

  • Identifying, developing and implementing new detections (Use cases) and mitigations (Playbooks) across the security platforms

  • Reviewing and approving new Use Cases and Playbooks created by Cybersecurity colleagues

  • Continuously reviewing the effectiveness of analysis playbooks, processes, and tooling

  • Communicating new use cases (go-live, demise, tuning), to the cybersecurity operations teams, supporting the Cybersecurity Operations Manager in ensuring all teams are prepared to take on the additional workload and have sufficient tools, training and capability to do so effectively

  • Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents

  • Applying structured analytical methodologies to maximize threat intelligence growth and service efficacy.

  • Supporting the Watch Commander during shift handovers, ensuring all team members are ready to manage ongoing incidents

  • Supporting the triage of potentially malicious events to determine severity and criticality of the event

  • Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes

  • Train, develop, mentor and inspire cybersecurity colleagues in area(s) of specialism

  • Collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose

  • Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources

  • Promote a “self-critical” and continuous assessment and improvement culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light and addressed in an effective and timely manner

  • Support engagement in support of HSBC Global Businesses and Functions to drive a global up-lift in cyber-security awareness and help to evangelize HSBC Cybersecurity efforts and success

Our requirements

  • Excellent investigative skills, insatiable curiosity and an innate drive to win.

  • Instinctive and creative, with an ability to think like the enemy.

  • Strong problem-solving and trouble-shooting skills.

  • Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.

  • Developed external peer network for sharing intelligence

  • An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.

  • An understanding of organisational mission, values and goals and consistent application of this knowledge.

  • Self-motivated and possessing of a high sense of urgency and personal integrity.

  • Highest ethical standards and values.

  • Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.

  • Good understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws.

  • Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.

  • Good communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.

  • Ability to speak, read and write in English, in addition to your local language.

  • Technical expertise in analysing threat event data, evaluating malicious activity, documenting unusual files and data and identifying tactics, techniques and procedures used by attackers.

  • Expert level knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques and procedures in order to inform adjustments to the control plane.

  • Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools, use of “Big Data” and Cloud-based solution for the collection and real-time analysis of security information.

  • Detailed knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc.

  • Excellent knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc.

  • Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits.

  • Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.

  • Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards.

  • Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.

  • Functional knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google.

  • Basic knowledge and demonstrated experience in common cybersecurity incident response and forensic investigation tools such as: EnCase, FTK, Sleuthkit, Kali Linux, IDA Pro, etc.

  • 5+ years of experience in cyber security senior analyst role or similar.

  • Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.

Optional

  • Industry recognised cyber security related certifications including; CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP.

  • Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.

  • Professional certifications, but any relevant certification is a bonus.

What we offer

  • Stable job in professional team,

  • Interesting path of career in an international organization,

  • Consistent scope of responsibilities,

  • Private health care, employees’ benefits.

  • Benefits

  • sharing the costs of sports activities

  • private medical care

  • sharing the costs of foreign language classes

  • sharing the costs of professional training & courses

  • life insurance

  • remote work opportunities

  • flexible working time

  • integration events

  • corporate sports team

  • doctor’s duty hours in the office

  • retirement pension plan

  • corporate library

  • no dress code

  • video games at work

  • coffee / tea

  • parking space for employees

  • leisure zone

  • extra social benefits

  • employee referral program

  • opportunity to obtain permits and licenses

  • charity initiatives

  • family picnics

  • extra leave

HSBC Service Delivery (Polska) Sp. z o.o.

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 64 countries and territories.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

Scroll to the company’s profile
This is how we work
This is how we work