Head of Database & Lake Platform Security

Expected

Global Defense Engineering is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business, customers, clients, partners, and staff. The team works in concert with partner teams across HSBC to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: “Enabling HSBC to be safely successful everywhere the firm chooses to do business.”

• Define secure configuration baselines for database management system software, including but not limited to Oracle, Db2, SAP ASE, SQL Server, Db2 z/OS, MongoDB, and PostgreSQL, Teradata, HADOOP.
• Work with database technical subject matter experts to agree secure configuration baselines.
• Work with database technical subject matter experts to define/develop/implement checks for compliance scans.
• Work with database technical subject matter experts to provide remediation guidance for IT Service Owners.
• Work with the Configuration Baseline Management team to ensure they receive configuration compliance data.
• Interact with stakeholders across the organisation to understand their security needs and expectations.
• Define and maintain capability strategy, supported by Enterprise Architecture, Security Architecture and, Control Owners, in response to business strategies, regulator expectations, technology and practice advancement, best practice, and threat actor evolution [will overlap with Architecture.
• Ensure success with delivery partners (in alignment with support functions). Runs / drives respective Delivery forum, QBRs, SteerCos and Capability PODs.
• Maintain and prioritise a capability backlog based on objectives and value released to identify what teams work on next. Supports the prioritisation of backlogs from supporting technology and operations/service teams.
• Close working with Control Owners: Oversees Control Owner activity from a technical point-of-view, e.g. accurate assessment of control defect severities.
• Close working with Service Owners: understands general performance of associated services, exceptions, customer feedback and service uplift roadmaps.
• Close working with Technology/Platform Owners: understands general performance of associated IT services, significant bugs, technology health, customer feedback and technology uplift roadmaps (including technical debt resolution).
• Run a Pod per L2 capability with Architecture, Engineering, Service Delivery, Control Owner, Programme Manager, and Product Management.
• Own all medium-rated and below risk Control Issues, Audit points and Regulatory findings.

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN)
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours
• Free parking

• sharing the costs of sports activities
• private medical care
• sharing the costs of professional training & courses
• life insurance
• remote work opportunities
• flexible working time
• integration events
• corporate sports team
• doctor’s duty hours in the office
• retirement pension plan
• corporate library
• no dress code
• coffee / tea
• parking space for employees
• leisure zone
• extra social benefits
• employee referral program
• opportunity to obtain permits and licenses
• charity initiatives
• family picnics
• extra leave
• In-office gym

• Online assessment
• Phone interview
• Job interview
• Welcome to HSBC!

HSBC Service Delivery (Polska) Sp. z o.o.