Offers “HSBC”

days ago HSBC

Lead Software Engineer

  • Internship
  • Arlington Heights (Cook)
  • Energy / Materials / Mechanics

Job description



Cybersecurity Science and Analytics empowers Cybersecurity in protecting the bank by leveraging data and innovative capabilities to create effective and proactive security measures, as well as enabling data driven business decisions. The CS&A mission is critical to the protection of HSBC customers, the HSBC brand, HSBC information, financial assets and ultimately shareholder value, through ensuring HSBC remains a market leader in protecting our customers and assets.

This highly skilled and specialized team maintain subject matter expertise across a range of relevant topics, stays abreast of the latest adversary tactics, techniques and methodologies, and maintains the domain knowledge of advanced cyber security techniques and procedures. This knowledge base is maintained through close partnerships across HSBC and global engagements with industry, academia, and government.

Cybersecurity Science and Analytics (CS&A) is made up of four core towers, who's functions are to; move data, ensure it is in the right structure, automate processes, design infrastructure and keep the systems functioning (Data Engineering); manage the analytic engines and develop capabilities that generate knowledge (Analytic Engines); prove concepts and methods, while also solving the tactical challenges presented to the organization (Advanced Projects) and; develop the analytics methods (Artificial Intelligence).

The Lead Software Engineer will operate under the Principal Engineer at our US branch under the Analytic Engines tower, in support of the analytic and science mission, and is accountable for:

· Designing, implementing, and supporting key cyber security analytics offerings in support of the Cybersecurity mission areas, focused on the Threat Hunt team in 2020 and 2021

Tasks associated with this role include:

· Design and build cyber security analytics, applications, dashboards, reports, and visualizations for various cyber mission areas including network defence, threat hunting, vulnerability management, data loss prevention, and others as needed
· Work closely with Data Engineers and Data scientists to solve complex cyber data challenges (data parsing, enrichment, curation, question focused analytics, ETL, pipeline resiliency, etc.) and build solutions in Azure using python/Java, Databricks/Spark, Synapse, and any other data engineering and visualization tools as needed
· Collaborate closely and iterate with internal Cybersecurity customers and stakeholders to ensure their needs are met
· Mentor more junior engineers
· Provide ongoing support to the customers within, and external to, the science and analytics environment
· Driving strategic capabilities. Creating innovative data driven capabilities and prototypes that push the bounds of computer security analytics
· Participation in special projects on behalf of HSBC and CS&A leadership
Impact on the Business
· Supports the development of the Cybersecurity Science and Analytics function, engaging with colleagues across Cybersecurity and other IT functions to drive and deliver sustainable operational plans in line with department strategy.
· Leads and facilitates change through clear strategy, operational planning and effective communication and stakeholder management.
· Drives business performance, clear thinking and utilises experience whilst under pressure.
· Delivers sustainable business outcomes.
· Responsible for building effective technology and process control capability that is continuously re-factoring to meet evolving security and compliance needs
· Works closely with peers and business leads to build and implement controls in alignment with risk-posture, architectural constraints, company strategic direction and industry trends and best practices.
· Drives delivery of the highest standards and outcomes, inspiring others to do the same. Focuses on medium and long term goals even when under pressure or facing uncertainty. Manages expectations, results and impact of agreed outcomes, thinking ahead to identify and overcome potential issues.
· Strategically drives innovation to gain competitive advantage, taking calculated, entrepreneurial risks to achieve business outcomes. Generates an environment in which innovation is seamlessly embedded into working practices.
Customers / Stakeholders
· Leads a customer-focused and collaborative culture by championing customer and stake-holder engagement throughout the team.
· Demonstrates an understanding of customer and stakeholder requirements by providing specialist input and knowledge and having a detailed understanding of the different short and long term shifts in business/function patterns of activity and demand.
· Understands and interprets developments and changes in future business requirement and ensures the appropriate reaction and response through discourse and the implementation of relevant, security focused, technical and procedural solutions.
· Strengthens stakeholder relationships and enhances key relationships using rapport-building expertise and appropriate influencing skills to add and increase stakeholder advocacy. Key relationships to include Functional heads across the other HOST functions and external account managers for third party suppliers and vendors, along with other regional counterparts across the globe, Cultivate strong relationships with organisationally important global and/or high value stakeholders with a tailored approach.
Leadership & Teamwork
· Supports the development of the Cybersecurity Science & Analytics Team, making sustainable decisions that protects and enhances HSBC's values, reputation and stakeholder value.
· Actively encourages a learning culture, encouraging collaboration and cross-functional working to develop and nurture teams and identify talent.
· Authentically engages a diverse group of stakeholders internally and externally to influence the achievement of best outcomes for all stakeholders.
· Builds rapport and mutual understanding to communicate and create opportunities for cross-business and/or international working, encouraging debate and open discussion. Encourages people to build sustainable relationships beyond transactional levels and use empathy and insight to build better understanding of mutual benefits.
· Advanced coach / mentor contributes to the establishment of good coaching and mentoring practices. Demonstrates alternative techniques for diagnosing and coaching individuals and teams.
Operational Effectiveness & Control
· Governs risk responsibly. Promotes ethical management of risk across regions and business areas within their area of responsibility.
· Communicates changes in policy and governance effectively, reinforcing risk processes within their area of responsibility.
· Builds and sustains a risk aware culture. Shows integrity whilst promoting and managing relevant monitoring and reporting requirements within their area of responsibility.
· Embeds efficient risk and compliance processes and procedures into business as usual practices.
· Builds collaborative relationships, defines and articulates to stakeholders the targeted benefits for a change intervention.
· Demonstrates effective financial skills to develop a detailed business case, including investments, detailed benefits (financial, non-financial and strategic) and link to overall finances of the business.
· Identifies and highlights financial implications of risks/issues, involves stakeholders and supports management of budget variation as appropriate.
Major Challenges
· Budget & People – This role will have no direct budget accountability.
· Relationships - Key relationships include other Cybersecurity Service Lines, ITID, ADM and HOST and extends to peers across regions, other GB/GF and Security Function heads and generally up to 2 level higher in the organisation, as well audit, regulators and key government agencies and security forums. Will also include external relationships with vendors, acting as a subject matter expert.
· Regulatory & Risk Management - Working closely with Cybersecurity Functions and peers across the HOST function to deliver sustainable results, build strong relationships with internal and external stakeholders (risk, audit, government agencies, industry forums etc.) to understand the IT/Information Security risk profile, monitor compliance with policies and standards and identify and address any regional or country specific requirements.
· Strategic input - Providing influence and input to ensure alignment between Cybersecurity and GB/GF strategic outcomes and business goals. Uses extensive technical knowledge and experience to solve complex problems and propose implementable solutions, to deliver ongoing improvements in line with business strategy.
· Technology - The role holder will have exceptional knowledge of their technical environment and will have significant influence in setting the way forward in the types of technology they utilise. Forward thinking, making the right decisions based on strategy.
· Budget & People – This role will have no direct budget accountability.
· Relationships - Key relationships include other Cybersecurity Service Lines, ITID, ADM and HOST and extends to peers across regions, other GB/GF and Security Function heads and generally up to 2 level higher in the organisation, as well audit, regulators and key government agencies and security forums. Will also include external relationships with vendors, acting as a subject matter expert.
· Regulatory & Risk Management - Working closely with Cybersecurity Functions and peers across the HOST function to deliver sustainable results, build strong relationships with internal and external stakeholders (risk, audit, government agencies, industry forums etc.) to understand the IT/Information Security risk profile, monitor compliance with policies and standards and identify and address any regional or country specific requirements.
· Strategic input - Providing influence and input to ensure alignment between Cybersecurity and GB/GF strategic outcomes and business goals. Uses extensive technical knowledge and experience to solve complex problems and propose implementable solutions, to deliver ongoing improvements in line with business strategy.
· Technology - The role holder will have exceptional knowledge of their technical environment and will have significant influence in setting the way forward in the types of technology they utilise. Forward thinking, making the right decisions based on strategy.
Management of Risk
· The jobholder will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation.
· The jobholder will also continually reassess the IT Security and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology.
· This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department.
Observation of Internal Controls
· Maintains HSBC internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.
· The jobholder will also adhere to and be able to demonstrate adherence to internal controls. This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified IT security risks.
· The jobholder will implement the group compliance policy by containing compliance risk in liaison with Global Head of Compliance, Global Compliance Officer, Area Compliance Officer or Local Compliance Officer. The term ‘compliance' embraces all relevant financial services laws, rules and codes with which the business has to comply.
· This will be achieved by adhering to all relevant processes/procedures and by liaising with compliance department about new business initiatives at the earliest opportunity. Also and when applicable, by ensuring adequate resources.

Ideal candidate profile



Qualifications :

Skills
·  A strong background in Software engineering
·  Experience in deploying complex cloud data and big data systems
·  Understanding in applying data engineering and data science methods to the cyber security domain
·  Experience in PMP/Prince2, SCRUM, and Kanban program management methods
·  An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative and actionable manner
Technical Skills
·  Experience building applications in Spark / Hadoop / Big Data technologies
·  Development experience with python / Java
·  Experience building applications in AWS or Azure
·  Experience building analytics and ETL jobs using complex SQL
·  Experience with Data Warehouse technologies such as Snowflake, AWS Redshift, or Azure Synapse
·  Experience with NOSQL data stores such as Elasticsearch, HBase, Apache Accumulo, Cassandra, MongoDB or similar
·  Experience delivering under high pressure in face paced environments
·  Experience in cyber security operations or working closely with cyber security operations teams (SOC, IR, threat detection, hunt, vulnerability management, etc.)
Industry Experience and Qualifications



Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

·  3-5 years of experience working in the data science or engineering field building data and big data systems in cloud environments
·  3-5 years' experience of software engineering using Python/Java or other object oriented languages
·  Bachelors or Masters in computer science, engineering, or IT
Nice to have:
·  M.S. in Computer Science, engineering, or IT
·  AWS or Azure Certifications
·  Experience building Machine Learning applications
·  Experience in financial services or other highly regulated industries
EEO/AA/Minorities/Women/Disability/Veterans