Cyber Intelligence Principal Analyst (GCO)

Job description

Cyber Intelligence Principal Analyst (GCO)

Some careers grow faster than others.

If you're looking for a career that will give you plenty of opportunities to develop, join HSBC and your future will be rich with potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

The IT Security team at HSBC are engaged to transform the way information security is accomplished at the bank and we are set to enable the business to do more, as securely as we want, or need to be. In short, in line with the Bank's strategy, we are to be Simpler, Better, Faster and of course – More Secure.

To achieve this we have many exciting challenges ahead and are looking for people with a real passion for what they would like to do. Working with some of the best technology talent we are searching for technologists and enablers that will help support us on this journey.

As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.

We are currently seeking an experienced individual to join this team in the role of Cyber Intelligence Principal Analyst (GCO).

In this role, you will:

·
Monitoring the global cyber threat landscape through; open source channels, vendor feeds, participation in industry/government information sharing organisations/platforms and cultivated personal relationships.

·
Leading the development and implementation of mitigation strategies to prevent the potential materialisation of the threat.

·
Identification of processes that can be automated and orchestrated to ensure maximum efficiency of collection and dissemination of consolidated threat intelligence feeds to internal stakeholders and external partners.

·
Support the maintenance of a global capability for collection that takes into account market and business requirements and fully leverages the HSBC global footprint around location, culture, language and proximity to high value partners.

·
Leading the establishment of HSBC as a valued contributor to information sharing efforts across the industry that helps to drive a positive image of the bank with our peers and regulators in the markets we serve.

·
Leading the establishment of HSBC as a leader in information security through collaborative analysis and contributions across multiple sectors in industry, academia and government.

·
Leading the development of internal HSBC capabilities, leveraging the global HSBC footprint that enables the team to fully understand the latest tactics, techniques and procedures of advanced adversaries through direct observation and manipulation.

·
Participation in and support of external offensive engagements with industry partners, law enforcement and the wider security community, that projects HSBC expertise in protecting the bank and its customers against systemic threats.

·
Developing processes and engaging in active cyber defence to move HSBC beyond a reactive posture to a proactive posture against cyber threats.

·
Supporting a “self-critical” culture whereby identification of weaknesses in the bank's control plane (people, process and technology) are brought to light in an effective manner and addressed.

·
Supporting a culture of individual self-improvement whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly.

·
Supporting engagement of Global Businesses and Functions everywhere HSBC does business that drives a global up-lift in cybersecurity awareness helping to “tell the story” of HSBC Cybersecurity efforts.

·
Advise HSBC leadership on the latest trends in cyber intelligence and best practices, through close collaboration and engagement with industry, academia and government.

·
Production of Management Information related to the Cyber Intelligence and Threat Analysis mission that is appropriate to the target audience, supported by data and experienced analysis enabling informed decisions.

·
Engagement within the Lines of Defence Risk Management framework adopted by HSBC to ensure complete transparency and effective working relationships across all lines of defence.

·
Train, develop and mentor less experienced analysts.

Desired profile

Qualifications :

To be successful in this role you should meet the following requirements:

· 
Highly developed research and analytical skillset, so you can work with large volumes of data and pinpoint statistically significant patterns related to cyber threats.

· 
Excellent investigative skills, insatiable curiosity and an innate drive to win.

· 
Instinctive and creative, with an ability to think like the enemy.

· 
Deep knowledge of hacker culture.

· 
Developed external peer network for sharing intelligence.

· 
Self-motivated and possessing of a high sense of urgency and personal integrity.

· 
Highest ethical standards and values.

· 
Excellent understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws.

· 
Excellent understanding and knowledge of common industry cyber security frameworks, standards and methodologies including; OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.

· 
Proven experience in identifying and responding to advanced attacker methodologies both within the corporate environment as well as external attack infrastructures, ideally with offensive experience and / or deception environment development (tripwire systems, honeypots, honey-token/accounts, etc.) using open source, vendor purchased and bespoke/in-house developed solutions.

· 
Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.

· 
Proven ability to collaborate across industry, academia and government to solve complex cyber security problems.

· 
Ability to speak, read and write in English, in addition to your local language.

Technical Skills

· 
Extensive knowledge and demonstrated experience of common intelligence sharing platforms/protocols and experience operating within a collective defence environment, with internal stakeholders and external partners.

· 
Expert level knowledge of intelligence analysis principles either through formal education/training or equivalent professional experience.

· 
Excellent knowledge and demonstrated experience in analysis and dissecting advanced attacker tactics, techniques and procedures that informs adjustments to the cybersecurity control plane.

· 
Ability to develop and track key performance indicators (KPIs) and metrics for evaluation of operational effectiveness as well as providing recommendations for control improvement and mitigating control adjustments.

The base location for this role is Park Street, London


You'll achieve more when you join HSBC.

At HSBC we look to enable our employees to better balance their work / life priorities and have the flexibility required to meet challenging needs as they progress through different life stages. Where possible we will consider the following flexible working options: part-time working, job sharing, term-time working, and working from home and staggered hours. If in considering a role with HSBC you have a need for some flexibility in your working arrangements please discuss this with the recruitment team in the early stages of the application process.

HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.