The Cybersecurity Assessment and Testing (CSAT) function, part of Cybersecurity, is accountable for Vulnerability Management, Secure Development (inc. DevSecOps), Threat and Controls Assessment (inc. threat modelling) and Third-Party Security Assessment. The function drives the identification, capture, assessment, testing/verification and ultimately the remediation of security defects, gaps and vulnerabilities across HSBC’s estate in concert with business and technology teams – on-premise, within the Cloud and for those resulting from 3rd party engagements.
Responsibilities:
Collaborating with both CSAT and Cybersecurity, the role-holder will be expected to contribute to, and to support delivery of, the cybersecurity strategy.
Support Control Officers, Risk Stewards, Internal and External Audit, and Regulators with any relevant reviews, examinations and information requests.
Develop as an SME and help to inform wider embedding and training on the consultancy approach to peer TPSA analysts to build and develop the team.
Acting as a pioneer to prove the developing approach, you will engage with other Cyber teams, Third Party Management, and other risk teams to deliver Cyber risk support at a global level.
Define and shape a developing approach for Cyber risk consultancy integrating into the end-to-end procurement process from supplier selection to completed onboarding and issue remediation on critical control gaps.
Requirements (expected):
Knowledge of and exposure to Risk and Control Management frameworks and control design and execution, in theory and practice.
Ability to understand and articulate defects, threats and technical gaps to both technical and business stakeholders.
Degree and/or similar experience, preferably in IT security in the Financial Services industry or a global corporate service provider.
Have one or more industry-recognised cybersecurity-related certifications, such as CISA, CISM, CISSP, CRISC and CCSP.
A demonstrable technical understanding of Cloud Security (particularly for SaaS) and AI is desired.
Experience in third party / supply chain governance.
Ability to prepare concise updates, reports and presentations for senior stakeholders.
Ability to manage multiple projects and priorities concurrently.
Offered:
Competitive salary
Annual performance-based bonus
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN)
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking
Benefits:
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses