Global Defence Engineering is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business as well as its customers, clients, partners, and staff. The team works in concert, with partner teams across HSBC, to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: “Enabling HSBC to be safely successful everywhere the Firm chooses to do business”.
The Head of Network Access Control is responsible for developing and implementing strategies to ensure secure network access across HSBC. The role ensures the design, configuration, and maintenance of NAC solutions to protect the network infrastructure, enforcing access policies, and ensuring compliance with regulatory requirements. The NAC Capability Owner collaborates with stakeholders throughout the organisation to integrate NAC policies into the overall security architecture. This role requires deep technical expertise, strategic thinking and strong leadership and communication skills to effectively manage and enhance network access security firm wide.
responsibilities :
Define and deliver vision, strategy & roadmap of the Capability.
Prioritise teams backlogs based on objectives & value released to identify what teams work on next.
Lead definition of scope and prioritisation of user stories to be developed in teams, including acceptance criteria/definition of done.
Lead vendor relationships with owned technologies.
Interact with stakeholders across the organisation to understand their security needs and expectations.
Evaluate and adopt new technologies and practices which may impact the control environment.
Monitor and communicate progress of capability performance through agreed KPIs and metrics.
Run a Pod per L2 capability with Architecture, Engineering, Service Delivery, Control Owner, Program Manager and Product Management.
requirements-expected :
Leadership and managing skills. Strong stakeholder management skills, with experience of understanding and meeting the needs of multiple stakeholders. Demonstrated leadership experience with large, complex programmes, and deeply technical global expert teams. Seasoned technology leader with rich experience of leading engineering teams, supporting a group of platforms / services comprised of a mix of technologies and tools. Ability to influence beyond his/her department and to lead transformation initiatives to change behaviours and mindset which makes the bank better. Experience leading high performing teams of cybersecurity subject matter experts.
Communication and collaboration skills. An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner. Proven ability to collaborate across industry, academia, and government to solve complex cybersecurity problems. Experience working in a highly regulated, large multi-national environment.
Engineering background. Likely from a technology or engineering background with developed understanding of Technology Delivery Lifecycle, engineering practices, underlying infrastructure, tooling, and architecture & design principles. Engineering experience in a large enterprise. A background in information systems, technology, architecture, design, and service delivery of defence-in-depth capabilities.
Cybersecurity knowledge. Excellent understanding of cybersecurity principles, global financial services business models, as well as regional compliance standards, relevant local regulations, and applicable laws. Understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including OWASP, ISO2700x series, PCI DSS, GLBA, GDPR, Global data security and privacy acts, FFIEC guidelines, CIS and NIST standards. Strong commercial background and knowledge of cybersecurity offerings.
Deep understanding of networking concepts. Deep SME knowledge of network security, including capabilities aligned typically to firewalls and other networking technologies that control traffic flow by policy.
Cloud knowledge. Experience working within Cloud, SaaS and emerging cloud use-cases for web/mobile and enterprise companies. Specific background knowledge cloud technologies including Amazon Web Services, Google Cloud Platforms and Microsoft Azure.
Product owner experience. Experience in a product owner or technology strategy role in a large enterprise. Experienced in owning a capability, technology, or platform together with the responsibilities associated with running a team of up to 20 individuals.
offered :
Competitive salary
Annual performance-based bonus
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN)
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking (Cracow office)
benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses