Senior Cybersecurity Test Consultant
Senior Cybersecurity Test Consultant
Some Careers Grow Faster Than Others.
If you’re looking for a career that will give you plenty of opportunities to develop, join HSBC and your future will be rich with potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
The Cybersecurity team at HSBC are engaged to transform the way information security is accomplished at the bank and we are set to enable the business to do more, as securely as we want, or need to be. In short, in line with the Bank’s strategy, we are to be Simpler, Better, Faster and of course – More Secure.
To achieve this we have many exciting challenges ahead and are looking for people with a real passion for what they would like to do. Working with some of the best technology talent we are searching for technologists and enablers that will help support us on this journey.
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.
We are currently seeking an experienced individual to join this team in the role of Senior Cybersecurity Test Consultant.
This job role is responsible for operating as part of a global/local team within the Cybersecurity organisation, to analyse and execute activities around Cybersecurity process, controls, standards and regulatory requirements.
The role will carry out some or all of the following activities:
* Ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability and segregation of duties.
* Ensure compliance with internal audit and external regulators that any organisational changes are fit for purpose and meet their expectations
* Analyse and execute activities to ensure compliance with HSBC Cybersecurity policies and standards.
* Contribute to process, procedures and tool identification/development that will strength the bank’s response to threats and incidents
* Assess new technology products and projects utilising security technologies pertinent to the department
* Act as a role model to more junior members of the team
* Engagement with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues
* Expand their skills, knowledge and experience to enhance the overall capability of the function
The Security Testing candidate will assist in the identification, risk analysis and remediation tracking of infrastructure vulnerabilities identified by HSBC’s enterprise scanning and testing service. They will assist in analysis of new vulnerabilities being reported by vendors to assess the risk to HSBC.
To be successful in this role you should meet the following requirements:
* Hands-on experience in supporting infrastructure Cyber Security requirements or implementation.
* Good understanding of platform-specific security risks and common vulnerabilities.
* Experience performing infrastructure security testing using automated tools as well as manual tools.
* Experience performing risk analysis of security vulnerabilities to customize risk ratings for HSBC business lines.
* Familiarity with industry risk scoring systems like CVSS.
* Experience using infrastructure vulnerability scanning tools (NMAP, Tenable Nessus, IBM QVM, Qualys, etc.)
* Knowledge about common infrastructure vulnerabilities and remediation
* Excellent verbal and written communication skills
* Should be able to clearly articulate the risk of the defect to the stakeholders when required.
* Ability to adapt and apply information to new scenarios and technologies
* Prior infrastructure security hardening and compliance monitoring experience
* Prior experience with security testing large enterprise applications is a plus.
* A Bachelor’s degree in computer science, engineering or related fields would be desirable, or equivalent demonstrated work experience
* Shared Information Security skills – Full and broad exposure to information security common body of knowledge. After 3-4 years of dedicated security work, the tester can sit for an industry standard security certification (examples: CISSP, GIAC, etc).
* Technical Security skills – Solid infrastructure security domain knowledge of Windows, Unix/Linux, Middleware, Networking, Databases, etc.
The base location for this role is Sheffield.
You’ll achieve more when you join HSBC.
At HSBC we look to enable our employees to better balance their work / life priorities and have the flexibility required to meet challenging needs as they progress through different life stages. Where possible we will consider the following flexible working options: part-time working, job sharing, term-time working, and working from home and staggered hours. If in considering a role with HSBC you have a need for some flexibility in your working arrangements please discuss this with the recruitment team in the early stages of the application process.
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.