94 311
15 366
About-project : Technology teams in the UK work closely with our global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. They also run and manage our IT infrastructure, data centres and core banking systems that power the world’s leading international bank. Our multi-disciplined teams include Dev Ops engineers, IT architects, front and back-end developers, infrastructure specialists, cyber experts, as well as project and programme managers. Cybersecurity is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business as well as its customers, clients, partners, and staff. The team works in concert, with partner teams across HSBC, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: “Enabling HSBC to be safely successful everywhere the Firm chooses to do business." Global Defense - Cybersecurity Engineering and Operations is comprised of several inter-joined teams: Technical Directors Office (TDO), Site Reliability Engineering (SRE), Global Defense Governance & Delivery (GDD), Global Cybersecurity Operations (GCO) and Cybersecurity Intelligence & Threat Analysis (CITA). Together, the function enables an adaptive and constantly evolving capacity to address risks borne through an ever-shifting threat landscape. The function serves as an engine for innovation and problem solving with partner teams across the Firm who share a common imperative to be the best for our customers and drive the Global HSBC Purpose of “Opening up a world of opportunity". responsibilities : Provide the first line of defense (1 LOD) for the organization for all matters relating to Endpoint Security controls. Drive implementation of controls to protect the groups key data. Risk Management: Maintaining the accuracy and alignment of the PROT control to the Bank’s Risk Control framework. Controls Governance: Control Design and Continuous Control Monitoring - MPs/OIs enhancements, Control effectiveness rationale. Managing, reporting, and improving performance metrics (KCIs). Compliance: Ensure Endpoint Security controls align with relevant regulations, standards, and industry best practices, and support compliance efforts. Maintain internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators. Stakeholder Management: 2 Lo D/3 Lo D engagement - Responding to informal control queries and formal review and challenges and observations. Collaborate with senior stakeholders to facilitate understanding and alignment of PROT control objectives, including business units, audit and regulators. Providing specialist knowledge and timely feedback, working in partnership with those stakeholders. Cross Controls Collaboration: Foster a community of collaboration/knowledge sharing across all Control Owners in Global Defense - understanding the implication a change in one control area has on other control areas. Building and maintaining constructive working relationships with a diverse community of technical and non-technical audiences. Training and Awareness: Develop and deliver training and awareness programs to educate stakeholders and communities within Cyber about the Endpoint Security control strategy. requirements-expected : Technical Background: We are looking for someone who brings a deep understanding of technology (preferably in the Endpoint Security area) or who is willing to build up knowledge quick. Communication skills: Communication is key in that role. The PROT Control Owner must be able to communicate complex technical information to non-technical stakeholders and explain Endpoint Security control policies and procedures in a clear and concise manner. The control owner must be able to communicate to stakeholders on senior level, addressing challenges and feedback. Collaboration skills: The PROT Control Owner must be able to work effectively with cross-functional teams, including Cybersecurity and business units to ensure that Endpoint Security control strategies align with organizational goals and requirements. It is key that the Control Owner stays on top of developments in other controls areas. Stakeholder management skills: The PROT Control Owner must be able to manage relationships with stakeholders, including business units and audit/regulatory bodies, to ensure that Endpoint Security control strategies are well received and adopted. Problem-solving skills: The PROT Control Owner must be able to identify and remediate challenges in (governance) processes and must be able to get technical consultancy from the Endpoint Security Technical Directors to respond to issues. offered : Competitive salary Annual performance-based bonus Additional bonuses for recognition awards Multisport card Private medical care Life insurance One-time reimbursement of home office set-up (up to 800 PLN) Corporate parties & events CSR initiatives Nursery discounts Financial support with trainings and education Social fund Flexible working hours Free parking benefits : sharing the costs of sports activities private medical care sharing the costs of professional training & courses life insurance remote work opportunities flexible working time integration events corporate sports team doctor’s duty hours in the office retirement pension plan corporate library no dress code coffee / tea parking space for employees leisure zone extra social benefits employee referral program opportunity to obtain permits and licenses charity initiatives family picnics extra leave In-office gym