"At HSBC we are committed to building a culture where all employees and customers are valued regardless of gender, age, sexuality, ethnicity, disability, religious belief, background and any other aspect of personal difference."
"HSBC employees are committed to acting with courageous integrity and standing firm for what is right. We are reliable, open to different ideas and cultures and connected with customers, community, regulators and with each other."
HSBC invites you to participate in our recruitment process for:
IT Operations Engineer Cyber Security
The Security Technology Operations Engineer will be a member of the Global Cybersecurity Technology team. This team is responsible for identifying, developing and deploying global cybersecurity controls across the estate leveraging the firm's assets, network and data to identify threats.
The IT operations Engineer IT Security is responsible for 24/7 operational support of various security tools deployed across HSBC. The IT Ops Eng IT Security ensures the availability, reliability, sustainability, operations, and administration of information technology servers, data storage and Cyber Security applications. Demonstrate a solid understanding of information systems (IS) technologies, protocols, standards, and applications. Make use of key competencies including servers, core services, distributed applications, security, enterprise storage, database administration, messaging, application monitoring, and client interfaces.
· Serve as Level 2 (L2) Security administrator supporting 24/7 operations of critical cybersecurity technologies.
· Perform cybersecurity application installation, upgrades, product hygiene and maintenance.
· Provide Level 1/2 production support for cybersecurity technologies such as Endpoint Security (CrowdStrike/McAfee), Network proxies, Email security solutions, Menlo Security, etc.
· Analyze, investigate and remediate cybersecurity application incidents in operational/production environments.
· Automate repeated and operational tasks through programming (Perl, Python, PHP, Bash, or PowerShell) or other interfaces.
· Operate in accordance with ITIL processes such as Change Management process, Incident Management and Problem Management.
· Identify operational gaps and drive continual service improvement plans for existing processes.
· Provide infrastructure support for AWS, Azure and GCP environments.
· Build tool knowledge base and establish/enhance Standard Operating Procedures (SOP).
· Work with minimal supervision and conduct activities as a collaborative partner to Cyber Security as well as other lines of business (LOBs).
· Work in a “follow the sun” model to support 24x7 operations.
· Develop and produce operational metrics such as Change success rate, tool uptime report, Incident ticket volume etc.
Bachelor's Degree: Engineering, Systems or related (Optional)
Spanish-English speaker (fluent)
3-4 years of experience in the administration and support of at least 2 cybersecurity tools in one or more of the following areas:
Endpoint security (McAfee, Symantec SEP, CrowdStrike, FireEye)
Network security (ForeScout, Illumio, Network firewalls, Proofpoint, Network proxies, Menlo isolation platform, etc.)
Application security (Nessus, Checkmarx, BeyondTrust, etc.)
Data security (Symantec DLP, Database/file activity monitoring tools, etc.)
Analytic & logging tools (Splunk, GBDI, Syslog applications)
Experience with any one of the scripting languages such as Perl/PowerShell/Python
Familiarity with Unix, Windows and database platforms such as Linux, AIX, Windows, Oracle, MSSQL, etc.
Experience working on Amazon Web Services (Compute, Storage and Networking)
Must possess clear oral and written communication skills, and be able to clearly articulate complex concepts to a broader audience.
Excellent analytical and problem-solving skills – ability to get to the root of the problem, assess impact, and develop a resolution plan quickly, leveraging all available resources, is essential.
Must take ownership of tasks and demonstrate high degree of responsibility to ensure completion.
At least 2 industry certifications among CISSP, Security Plus, AWS/Azure Solution Architect, Splunk Power User/Admin.
Plus but not a Must…
Experience working in DevOps, continuous integration and Agile, including design of security solutions, models, and strategy presentations.
· Menlo (Cloud-based Antivirus)
· ForeScout (Network segmentation)
· CyberArk (Privileged Access Management)
· McAfee EPO