The Principal SME for Network Segmentation supports the Head of Network segmentation in defining requirements for the Capability vision, strategy, and roadmap for network segmentation across HSBC. This role ensures that network segmentation controls are effectively designed, implemented, and governed by bridging engineering, architecture, operations, and governance to align technical efforts with policy, compliance, regulatory, and business objectives.
In addition to providing technical direction and risk-based security expertise, the role contributes to evaluating the adoption of new network segmentation technologies and practices, supporting vendor relationships for owned technologies, and ensuring that progress is tracked and communicated through agreed KPIs and metrics.
responsibilities :
Volume of work and effectively prioritising the multiple requests for support.
Ensuring adherence to network security standards and the wider cybersecurity control framework.
Challenging the Status Quo / Raising the bar – looking for opportunities to continuously improve network security posture, promoting knowledge sharing and optimisation with the broader Cybersecurity team.
The complex systems and stakeholder environment.
Need to constructively challenge internal project teams and stakeholders (PMs, other technical SMEs) if required.
Working in a geographically dispersed team.
Working within a complex and constantly evolving technology landscape with evolving threats and risks.
Working within a strongly regulated business.
Balancing Security and Business Needs.
requirements-expected :
Strong technical expertise in network security, network segmentation, covering on-prem, cloud, and hybrid environments.
Deep understanding of modern network architectures, including Zero Trust Architecture, SD-WAN, SASE, cloud security frameworks and their threat landscapes.
Strong understanding of Financial IT environments, including cloud platforms (AWS, Azure, GCP), container security, and identity-based segmentation.
Hands-on network securty engineering background.
Security Architecture or Security design background.
Detailed understanding of network security threats and risks.
In-depth knowledge of network segmentation technical capabilities, including macro/micro-segmentation, policy-based access control, and risk-based zoning models.
Strong understanding of threat landscapes, attacker tactics (MITRE ATT&CK), and adversary behaviours and defensive countermeasures (MITRE D3FEND) related to network segmentation.
offered :
Competitive salary
Annual performance-based bonus
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN)
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking
benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses