Head of Crowd-sourced Security Testing
Kraków, Kraków, Lesser Poland Voivodeship, Poland
HSBC Service Delivery (Polska) Sp. z o.o.
2. 2. 2025
Job information

About the project:


  • Offensive Security provides an independent challenge to HSBC’s cybersecurity posture by bringing the attacker’s mindset to find and exploit vulnerabilities and to simulate real-world attacks. Through this, OffSec discovers weaknesses across people, process, and technology, enabling the Firm to better understand its exposure to cybersecurity attacks, to drive a proactive approach to protecting itself, and to manage risk more effectively.

Responsibilities:


  • Accountable for the delivery of the Bug Bounty to meet the requirements of HSBC’s cybersecurity controls, auditors, and global regulators.
  • Responsible for ensuring the crowd is leveraged with well-scoped and clearly defined objectives, and delivered on time through an approach that scales and minimises operational risk.
  • Responsible for identifying thematic findings in line with threat actor techniques and procedures, and the shifting technology landscape within HSBC, and driving the crowd to target these areas.
  • Accountable for the delivery of the change and continuous uplift across crowd-sourced testing.
  • Global Control Operator for Crowd-sourced Security Testing under VIAO.3 (Offensive Security) control and protecting the bank’s technology, information, and customers.
  • Leadership of a small team to manage operation of the Bug Bounty.

Expected requirements:


  • Proven experience in identifying and communicating security vulnerabilities across Web, APIs, Infrastructure, and Mobile (e.g., penetration testing).
  • Experience in identifying vulnerabilities by leveraging “the crowd” (e.g., Bug Bounty).
  • Experience working in highly sensitive projects and a highly regulated environment.
  • Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
  • Excellent understanding of cybersecurity principles, global financial services business models, regional regulations and applicable laws.
  • Formal education and advanced degree in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience in the same.

Offered:


  • Competitive salary
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
  • Financial support with trainings and education
  • Social fund
  • Flexible working hours
  • Free parking

Benefits:


  • sharing the costs of sports activities
  • private medical care
  • sharing the costs of professional training & courses
  • life insurance
  • remote work opportunities
  • flexible working time
  • integration events
  • corporate sports team
  • doctor’s duty hours in the office
  • retirement pension plan
  • corporate library
  • no dress code
  • coffee / tea
  • parking space for employees
  • leisure zone
  • extra social benefits
  • employee referral program
  • opportunity to obtain permits and licenses
  • charity initiatives
  • family picnics
  • extra leave
  • In-office gym
