Cybersecurity Principal Researcher (GCO)
City of London (Greater London) Marketing
Job description
Cybersecurity Principal Researcher (GCO)
Some careers grow faster than others.
If you're looking for a career that will give you plenty of opportunities to develop, join HSBC and your future will be rich with potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
The IT Security team at HSBC are engaged to transform the way information security is accomplished at the bank and we are set to enable the business to do more, as securely as we want, or need to be. In short, in line with the Bank's strategy, we are to be Simpler, Better, Faster and of course – More Secure.
To achieve this we have many exciting challenges ahead and are looking for people with a real passion for what they would like to do. Working with some of the best technology talent we are searching for technologists and enablers that will help support us on this journey.
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.
We are currently seeking an experienced individual to join this team in the role of Cybersecurity Principal Researcher (GCO).
In this role, you will:
· Developing new and innovative approaches that will later become a business as usual capability.
· Advising HSBC leadership on the latest trends in cyber security research and best practices, through close collaboration and engagement across HSBC and with industry, academia, and government.
· Spearheading the next generation of cyber security tools techniques and procedures through the creation of prototypes, pilots, and funded R&D efforts to enhance analytic capabilities, improve defensive postures and ensure maximum efficiency across the GCO.
· Identification of new and innovative methods for improving situational awareness and countering advanced threats across the Group.
· Prototyping internal HSBC capabilities, leveraging the global HSBC footprint, enabling the team to fully understand the latest tactics, techniques and procedures of advanced adversaries, through direct observation and manipulation.
· Participation in and support of external offensive engagements with industry partners, law enforcement and the wider security community, that projects HSBC expertise in protecting the bank and its customers against systemic threats.
· Establishing HSBC as a leader in information security through contributions across multiple sectors in industry, academia and government.
· Supporting the development of a “self-critical” culture, whereby identification of weaknesses in the bank's control plane (people, process and technology) are brought to light in an effective manner and addressed through performing strategic assessments that analyse the processes, techniques and procedures across the HSBC mission areas.
· Participation in special projects on behalf of HSBC and GCO Leadership.
· Working with the HSBC Leadership team to ensure the successful transition from research to standard business practices to improve HSBC's security posture and business processes.
· Establishing HSBC as a valued contributor to information sharing efforts across the industry that helps to drive a positive image of the bank with our peers and regulators in the markets we serve.
· Transitioning prototypes and research to HSBC Cybersecurity teams for productisation and global deployment.
Desired profile
Qualifications :
To be successful in this role you should meet the following requirements:
A background in technical research and development.
·
Proven experience in identifying and responding to advanced attacker methodologies both within the corporate environment as well as external attack infrastructures.
·
Excellent understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and applicable laws.
·
Excellent understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
· An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative and actionable manner.
·
Ability to orchestrate, manage and successfully implement major procedural and technological change within a complex, global organisation.
·
Proven ability to collaborate across industry, academia and government to solve complex cyber security problems.
Technical Skills
·
Excellent knowledge and demonstrated experience in advanced adversary tactics, techniques and procedures, both from an offensive and defensive perspective.
·
Expert level knowledge and demonstrated experience in architecting and automating highly complex analysis for identification, detection and response.
·
Excellent knowledge and demonstrated experience in developing and deploying real-time analysis capability of large scale and often diverse data sets, that enable more effective, efficient and coordinated defence capabilities.
·
Experience interfacing with technology teams to bring lab concepts to market within an organisation and building effective operational models to ensure capabilities are able to be fully utilised and grow to meet the needs of the team.
·
Expert level knowledge in the thought process, methodologies and techniques used by advanced criminal and nation state adversaries spanning multiple aspects of the security domain.
The base location for this role is Park Street, London
You'll achieve more when you join HSBC.
At HSBC we look to enable our employees to better balance their work / life priorities and have the flexibility required to meet challenging needs as they progress through different life stages. Where possible we will consider the following flexible working options: part-time working, job sharing, term-time working, and working from home and staggered hours. If in considering a role with HSBC you have a need for some flexibility in your working arrangements please discuss this with the recruitment team in the early stages of the application process.
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.