sharing the costs of sports activities
(Cybersecurity) Cybersecurity Senior Security Researcher
HSBC Service Delivery (Polska) Sp. z o.o.
- Kapelanka 42a, Dębniki, KrakówKraków, Lesser Poland
- offer expired 17 days ago
- contract of employment
- senior specialist (Senior)
- remote recruitment
- запрошуємо працівників з України
Technologies we use
About the project
In a rapidly changing technology landscape, security research and offensive security are important components in positioning HSBC to better protect itself and to manage risk more effectively. This is accomplished by analysing the most critical areas across the bank, simulating real-world attacks, performing regular penetration testing and innovating approaches to find vulnerabilities, that can materially drive a more thorough understanding of cybersecurity attacks and a proactive approach to enhance the security posture of the bank.
The role holder will be responsible for leading, managing and delivering CROS security research projects, on a wide range of technologies to ensure that HSBC is well positioned against a variety of Cybersecurity related advanced attack scenarios.
Deliver security research projects focused on HSBC critical services and projects to ensure that design, quality and implementation of controls do not expose the bank to a significant level of risk.
Achieve excellence by driving performance, compliance and security.
Identifying previously unknown vulnerabilities and new attack techniques.
Develop tools and automation of processes to enhance security assessment.
Work with key stakeholders to proactively drive the reduction in Cybersecurity risks and to improve the security risk posture of HSBC within the business risk appetite.
Provide subject matter expertise and guidance to a broad range of stakeholders across global business and functions.
Engage with relevant programmes that are critical to the bank.
Understand the financial services industry security and threat landscape.
Engage with a diverse set of stakeholders in order to achieve CROS objectives, including Business and Functions, Cybersecurity leads, Head of Cybersecurity functions and Control Owners.
Engage with specialist technology functions such as, Cybersecurity Technology, Cybersecurity Operations and Security Architecture.
Maintains HSBC internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.
The jobholder will also adhere to and be able to demonstrate adherence to internal controls. This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified Cybersecurity risks.
The jobholder will implement the group compliance policy by containing compliance risk in liaison with Global Head of Compliance, Global Compliance Officer, Area Compliance Officer or Local Compliance Officer. The term ‘compliance’ embraces all relevant financial services laws, rules and codes with which the business has to comply.
This will be achieved by adhering to all relevant processes/procedures and by liaising with compliance department about new business initiatives at the earliest opportunity. Also and when applicable, by ensuring adequate resources.
The jobholder will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation.
The jobholder will also continually reassess the Cybersecurity and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology.
This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department.
Education to degree level or above (Desirable) or relevant work experience
0-day discovery and vulnerability disclosure
Source code review
English - Fluent written and spoken
Proven written and verbal communication skills
Ability to develop clear business impact and justification to drive investment in team capabilities
Demonstrable experience in vulnerability identification and exploitation.
Participation in the Cyber Security industry.
Demonstrated experience in network security.
Demonstrated experience in embedded systems & hardware hacking.
Understanding of analysis of mobile technologies.
Understanding of analysis of common operating system, such as Linux, Windows, Google Android and iOS.
Demonstrated experience in third party vulnerability disclosure.
Demonstrated experience in software development.
Demonstrable experience in tooling, automation and prototyping.
Demonstrated experience in source code review.
Demonstrated experience in penetration testing.
Demonstrated experience in black box software security review techniques, including ‘fuzzing’ and reverse engineering.
What we offer
Stable job in professional team,
Interesting path of career in an international organization,
Consistent scope of responsibilities,
Private health care, employees’ benefits.
private medical care
sharing the costs of foreign language classes
sharing the costs of professional training & courses
remote work opportunities
flexible working time
corporate sports team
doctor’s duty hours in the office
retirement pension plan
no dress code
video games at work
coffee / tea
parking space for employees
extra social benefits
employee referral program
opportunity to obtain permits and licenses
Welcome to HSBC!
HSBC Service Delivery (Polska) Sp. z o.o.
HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 64 countries and territories.
HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.
Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.