.
(Cybersecurity) Lead Cloud Security Analyst
  • Kraków
(Cybersecurity) Lead Cloud Security Analyst
Kraków, Kraków, Lesser Poland Voivodeship, Polska
HSBC Service Delivery (Polska) Sp. z o.o.
1. 5. 2024
Informacje o stanowisku

(Cybersecurity) Lead Cloud Security Analyst

Miejsce pracy: Kraków

Technologies we use

Operating system

  • Windows

About the project

Operating within the Cybersecurity Global Defence function and under the management of the Global Head of Cybersecurity Operations, the Global Cybersecurity Operations (GCO) team provides a coordinated suite of “Network Defence” related services and are responsible for the detection and response to information and cybersecurity threats across the global HSBC assets and estate.

Critical to the success of GCO are its close partnerships with other Cybersecurity Global Defence teams including Cybersecurity Engineering, Service Reliability Engineering, Cyber Intelligence & Threat Analysis teams and the wider HSBC businesses and functions.

The overall GCO mission is placed under the purview of the Cybersecurity Chief Technology Officer / Head of Cybersecurity Global Defence.

Lead Cloud Security Analysts report into the Cloud Security Manager / Crew Lead and are responsible for leading the identification, analysis, and response to cyber security incidents within HSBC, using the latest technologies to detect, analyse and respond.

Your responsibilities

  • Develop, manage, and maintain intelligence and risk led threat detection capabilities across the entire global HSBC Cloud hosted technology and information estate to quickly detect and respond to harmful behaviours and events in coordination with the Cybersecurity Incident Management and Response Team, effectively containing, mitigating, and remediating more serious incidents.
  • Identify, develop, and implement new detections (Use cases) and mitigations (Playbooks) across the Cloud focussed security platforms and prioritising the use automation and orchestration opportunities.
  • Review and approve new Use Cases and Playbooks created by Cybersecurity colleagues.
  • Proactively research emerging threats and vulnerabilities to aid in the identification of cyber incidents.
  • Perform and support the technical and forensic investigations into Cloud related cyber security events across the globe.
  • Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
  • Train, develop, mentor, and inspire cybersecurity colleagues in area(s) of specialism.

Our requirements

  • 5+ years of experience in cyber security senior analyst role or similar within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.
  • Formal education and advanced degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same. Cloud platform specific certifications relating to the major cloud providers. Industry recognised cyber security related certifications (including CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP) are nice to have.
  • Excellent investigative skills, insatiable curiosity, and an innate drive to win. Instinctive and creative, with an ability to think like the adversary. Experience defining and refining operational procedures, workflows, and processes to support the team in consistent, quality execution of monitoring and detection.
  • Good understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including OWASP, MITRE ATT&CK, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
  • Intermediate level knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques, and procedures to inform adjustments to the control plane. Intermediate level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools for the collection and real-time analysis of security information.
  • Intermediate level knowledge of one of more leading Cloud platforms including Microsoft Azure, Amazon Web Services, Google Cloud Platform and Alibaba Cloud. Intermediate level knowledge of security event logging, monitoring, detection, and response on one or more of the leading Cloud platforms using tools and native capabilities such as AWS GuardDuty, Azure Sentinel, Google Security Command Center and Alibaba Cloud Security Center.
  • Detailed knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, EDR, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, WAF, etc. Excellent knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Citrix, GSX Server, iOS, OSX, etc. Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IP, HTTP, etc. and network protocol analysis suites.
  • Good knowledge and demonstrated experience in common cybersecurity incident response and forensic investigation tools such as: EnCase, BlackLight, Kali Linux, IDA Pro, etc. Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation, and remediation.
  • Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.

What we offer

  • Competitive salary
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
  • Financial support with trainings and education
  • Social fund
  • Flexible working hours
  • Free parking (Cracow office)

Benefits

  • sharing the costs of sports activities
  • private medical care
  • sharing the costs of professional training & courses
  • life insurance
  • flexible working time
  • integration events
  • corporate sports team
  • doctor’s duty hours in the office
  • retirement pension plan
  • corporate library
  • no dress code
  • video games at work
  • coffee / tea
  • parking space for employees
  • leisure zone
  • extra social benefits
  • employee referral program
  • opportunity to obtain permits and licenses
  • charity initiatives
  • family picnics
  • extra leave

Recruitment stages

  • Online assessment
  • Phone interview
  • Job interview
  • Welcome to HSBC!

HSBC Service Delivery (Polska) Sp. z o.o.

HSBC is one of the world’s largest banking and financial services organisations. Our global businesses serve more than 40 million customers worldwide through a network that covers 63 countries and territories.

HSBC Service Delivery (Polska) Sp. z o.o. is HSBCs global finance, operations, risk and technology centre. We use our unique expertise and capabilities to provide specialised services – our people range from technologists transforming the banking experience to operations professionals managing 1.7 trillion payments a year.

Our Purpose – Opening up a world of opportunity – explains why we exist. We are bringing together the people, ideas and capital that nurture progress and growth, helping to create a better world – for our customers, our people, our investors, our communities and the planet we all share.

Thank you for interest in HSBC..Before you apply, please note that we will take into the consideration only applications that include the following statement:.“I hereby declare that I have familiarised myself with the Privacy Statement for Applicants published at http://www.about.hsbc.pl/careers and I give my consent to use my personal data included in my application for the purposes of recruitment in HSBC Service Delivery (Polska) Sp. z o. o. according to the rules described in the Privacy Statement for Applicants, as per the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (GDPR).”.Due to the high number of applications, we reserve the right to contact selected candidates only..In case you would like to resign from participation in the recruitment process or withdraw previously sent application, please email us at: krakow.recruitment@hsbc.com.

  • Praca Kraków
  • Chief security officer Kraków

    • Kraków - Oferty pracy w okolicznych lokalizacjach

    Odpowiedz na ogłoszenie
    Praca Kraków - Ciekawe oferty pracy w okolicy:
    Network Security Analyst
    (Cybersecurity) Midrange Senior Security Engineer
    • Kraków
      HSBC Service Delivery (Polska) Sp. z o.o.
    Network Security Analyst
    Cloud Network Security Engineer
    Cybersecurity SRE Database Security Lead Engineer
    • Kraków
      HSBC Service Delivery (Polska) Sp. z o.o.
    Cloud Security Controls Lead
    • Kraków
      HSBC Service Delivery (Polska) Sp. z o.o.
    Cloud Security Engineer
    Cybersecurity Analyst (SOC Tier 3)
    Cloud Network Security Engineer
    76 147
    15 080