sharing the costs of sports activities
(Cybersecurity) Lead Cloud Systems Security Engineer
HSBC Service Delivery (Polska) Sp. z o.o.
- Kapelanka 42a, Dębniki, KrakówKraków, Lesser Poland
- offer expired 16 days ago
- contract of employment
- manager / supervisor
- remote recruitment
- запрошуємо працівників з України
Technologies we use
About the project
Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defence” services responsible for detecting and responding to information and cybersecurity threats to our assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities. These two principal functions are supported by additional internal GCO capabilities; Cyber Intelligence and Threat Analysis and Cybersecurity Technology Operations. Critical to the success of GCO is it close partnership with sister Cybersecurity teams, IT Infrastructure Delivery and Global Business and Function clients. The overall GCO mission is placed under the purview of the Group Chief Information Security Officer (CISO).
The GCO Engineering team’s mission is to solution, design, build and deploy various security tooling within our aligned to our Security Operations Centre. The team is responsible for building solutions that are enterprise class, meet the requirements of our M&TD & IM&R teams and are resilient. The team also ensures there is adequate monitoring to proactively detect system failures and manages the performance and capacity of the platforms on an ongoing basis. This mission is critical to the protection of our customers, the our brand, shareholder value, as well as our information and financial assets.
Designing, building and deploying security tooling within various cloud platforms specifically AWS, Azure & GCP
Building integration for cross cloud connectivity SIEM (Security Info. Event Management) platforms
Works independently, mentor’s peers and is asked to function as Lead Engineer on projects
Responsible for design, development, migration and hands-on implementation of Azure Security, Azure IaaS and PaaS cloud solutions
Participate in planning, implementation, and growth of our Microsoft Cloud foundational footprint as it pertains to security tooling
Work closely with other architects and engineers to recommend, design and implement solutions that effectively reflect our SOC business needs, security, and service level requirements
Managing and owning the relationship with the Cloud platform teams and ITID infrastructure delivery teams to support a collaborative and effective security focussed partnership.
Train, develop, mentor and inspire cybersecurity colleagues in area(s) of specialism.
Collaborate with the wider Cybersecurity and IT teams to ensure that technological remain fit for purpose.
Promote a “self-critical” and continuous assessment and improvement culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light and addressed in an effective and timely manner.
Supporting a “self-critical” culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light in an effective manner and addressed.
Excellent cloud systems engineering skills, insatiable curiosity and an innate drive to win.
Strong problem-solving and trouble-shooting skills.
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
Developed external peer network for sharing intelligence
An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
An understanding of organisational mission, values and goals and consistent application of this knowledge.
Self-motivated and possessing of a high sense of urgency and personal integrity.
Highest ethical standards and values.
Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.
Good understanding of cyber security principles, global financial services business models, regional compliance regulations and laws.
Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, MITRE ATT&CK, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
Good communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
Ability to speak, read and write in English, in addition to your local language.
At least 5 years’ experience building and tuning highly available infrastructure in either of the cloud environments AWS, Azure or GCP
Deep understanding of current AWS, Azure, GCP capabilities, limitations, and costing methodologies;
Hands-on experience designing effective and scalable security strategies using IAM roles/ policies;
Hand-on experience with AWS, Azure & GCP foundation services related to compute, network, content delivery, administration and security, deployment and management, automation technologies.
Lead the design, implementation, testing, documenting of infrastructure technologies with varying degrees of hands-on execution tasks.
Ability to build architectures and provide prescriptive guidance across network, storage, operating systems, virtualization, RDBMS & NoSQL databases, mid-tier technologies that include application integration, Streaming, in-memory caches, and security.
Ability to facilitate architecture decisions related to AWS, Azure & GCP services (Route 53, ELB, EC2, ECS, SQS, SNS, CloudWatch, Lambda, Dynamo DB, Kinesis, etc.)
Experience with core Google Cloud services including Compute, IAM, VPC, Cloud Run, and GKE.
Experience working with container and serverless technology.
Strong experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation.
Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools for the collection and real-time analysis of security information.
Expert level knowledge of one of more leading Cloud platforms including Microsoft Azure, Amazon Web Services, Google Cloud Platform and Alibaba Cloud.
Expert level knowledge of security event logging, monitoring, detection and response on one or more of the leading Cloud platforms using tools and native capabilities such as AWS GuardDuty, Azure Sentinel, Google Security Command Center and Alibaba Cloud Security Center.
Excellent knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Citrix, GSX Server, iOS, OSX, etc.
Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IP, HTTP, etc. and network protocol analysis suites.
Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
What we offer
Contact with top IT technologies available in the market.
Employees’ benefits: Multisport Card, private medical and dental health care, life insurance,
Free parking space for our employees – few minutes from the office,
Internal training events and workshops,
Realistic career progression opportunities in an international organization,
Casual dress code,
Remote work possible after Covid-19 (up to individual discussion with hiring manager).
private medical care
sharing the costs of foreign language classes
sharing the costs of professional training & courses
remote work opportunities
flexible working time
corporate sports team
doctor’s duty hours in the office
retirement pension plan
no dress code
video games at work
coffee / tea
parking space for employees
extra social benefits
employee referral program
opportunity to obtain permits and licenses
Welcome to HSBC!
Industry Experience and Qualifications
Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
• 5+ years of experience in Cloud Systems Engineering role or similar.
• Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.
• Cloud platform specific certifications relating to the major cloud providers.
• Formal education and advanced degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same.
HSBC Service Delivery (Polska) Sp. z o.o.
HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 64 countries and territories.
HSBC Service Delivery (Polska) Sp. z o.o. is HSBC's global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.
Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.