sharing the costs of sports activities
(Cybersecurity) Vulnerability Capture Engineer
HSBC Service Delivery (Polska) Sp. z o.o.
- Kapelanka 42a, Dębniki, KrakówKraków, Lesser Poland
- offer expired a month ago
- contract of employment
- specialist (Mid / Regular)
- hybrid work
- remote recruitment
- запрошуємо працівників з України
Technologies we use
CIS Critical Security Controls
NIST 800 Series
About the project
Brief overview of the business areas
Global Cybersecurity is responsible for enabling businesses and functions to manage their information, technology and cybersecurity risks by ensuring these are well-understood, and that controls used the manage such events are defined, assessed and implemented appropriately. Cybersecurity predominantly deliver this via objective, independent, professional and specialized subject matter experts. The role forms part of the 1LoD in relation to the risk management framework.
The Cybersecurity Assessment and Testing (CSAT) function, part of Global Cybersecurity, is accountable for Vulnerability Management, Secure Development (inc. DevSecOps), Threat and Controls Assessment (inc. threat modelling) and Third Party Security Assessment. The function drives the identification, capture, assessment, testing/verification and ultimately the remediation of security defects, gaps and vulnerabilities across HSBC’s estate in concert with business and technology teams – on-premise, within the Cloud and for those resulting from 3rd party engagements.
What you will be doing
The Vulnerability Capture Engineer will be responsible for performing vulnerability scanning and assessments to protect the confidentiality, integrity and availability of information assets using a risk-based approach.
Additionally, they will need to closely collaborate with peers across; assessment and reporting, remediation, and Cybersecurity business and regional leads, enabling effective end-to-end vulnerability management.
This role reports into the Global Head of Vulnerability Capture.
Perform scheduled and/ or on demand vulnerability scanning, assessments and reporting.
Triage and addressing of issues which arise from scanning and assessments.
Communication of analysis and validation of scan/assessment results to stakeholders.
Configure, maintain, operate vulnerability management industry standard tools as well as identifying/implementing new innovative solutions.
Partnering with global HSBC teams and third party service providers.
Security testing tools, vulnerability scanning, and exploit frameworks (e.g. Netspose, Tenable, Qualys, Burp Suite, Netsparker etc)
Industry frameworks and best practices: CIS Critical Security Controls, Threat Modelling, OWASP, NIST 800 Series.
Operating systems, network protocols, and application development.
Malware, emerging threats, attacks, and vulnerability management.
Exposure to scripting or programming languages (e.g Python, C+, or PowerShell).
High level of integrity and strong ethical values.
Excellent analytical and problem-solving skills; written and verbal communication skills.
Strong team player and collaborative worker.
What we offer
Stable job in professional team,
Interesting path of career in an international organization,
Consistent scope of responsibilities,
Private health care, employees’ benefits
Professional development opportunities
private medical care
sharing the costs of foreign language classes
sharing the costs of professional training & courses
remote work opportunities
flexible working time
corporate sports team
doctor’s duty hours in the office
retirement pension plan
no dress code
video games at work
coffee / tea
parking space for employees
extra social benefits
employee referral program
opportunity to obtain permits and licenses
Welcome to HSBC!
HSBC Service Delivery (Polska) Sp. z o.o.
HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 64 countries and territories.
HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.
Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.