.
Vulnerability Management Reporting Senior Analyst
  • Kraków
Vulnerability Management Reporting Senior Analyst
Kraków, Kraków, Lesser Poland Voivodeship, Polska
HSBC Service Delivery (Polska) Sp. z o.o.
15. 3. 2025
Informacje o stanowisku

technologies-expected :


  • Python
  • C+
  • PowerShell

about-project :


  • Global Cybersecurity is responsible for enabling businesses and functions to manage their information, technology and cybersecurity risks by ensuring these are well-understood, and that controls used the manage such events are defined, assessed and implemented appropriately. Cybersecurity predominantly delivers this via objective, independent, professional and specialized subject matter experts. The role forms part of the 1LoD in relation to the risk management framework.
  • The role of Vulnerability Management Reporting Senior Analyst will be to ensure the delivery of automated Operational and Business-related reporting. They will be responsible for supporting the delivery of Control Owner activities and Governance. Additionally, they will need to closely collaborate with the Head of Vulnerability Management, Federated Control Owners, key stakeholders in the CCO Technology, 2 and 3LOD.

responsibilities :


  • Detailed and accurate reporting of Vulnerability data to help drive and prioritise risk-based remediation across the bank.
  • Continual improvement in the depth and breadth of reporting capabilities against the Vulnerability Management control to support improvements in the bank’s security posture.
  • Triage and assessment of all new Vulnerability reporting requirements, ensuring requirements are clearly understood, link back to strategic deliverables and are planned appropriately.
  • Maintain and monitor all feeds into the Vulnerability reporting platform, reporting on impacts to vulnerability reporting and ensuring that relevant remediation activities to resolve feed issues are tracked and impacts reported to those utilising reports in a timely manner.
  • Contribute to responses to information requests from Regulators, Internal/ External Audit etc; and responses to 2LOD challenges/ Papers.
  • Providing commentary to routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs.
  • Adhoc tasks as required, including support to CSAT operational activities.

requirements-expected :


  • Strong knowledge and experience in defining and understand use of critical data elements for Vulnerability Management, utilising big data systems, scanning technologies (e.g. Nessus, SAST, MAST and DAST scanning) and scripting or programming languages (e.g Python, C+, or PowerShell, VBA scripting).
  • Excellent organisational, administrative, analytical, problem solving and data management skills with the ability to work accurately and methodically whilst under pressure to meet deadlines.
  • Strong interpersonal skills with the ability to build effective working relationships with colleagues and work well as part of a team.
  • Proven track record on delivering activities on time to a high standard.
  • Excellent understanding of Databricks, SharePoint, Microsoft Teams and Confluence.
  • At least 3 years of experience in working as a threat & vulnerability management expert and developing programs or in IT Security.

offered :


  • Competitive salary
  • Annual performance-based bonus
  • Additional bonuses for recognition awards
  • Multisport card
  • Private medical care
  • Life insurance
  • One-time reimbursement of home office set-up (up to 800 PLN)
  • Corporate parties & events
  • CSR initiatives
  • Nursery discounts
  • Financial support with trainings and education
  • Social fund
  • Flexible working hours
  • Free parking

benefits :


  • sharing the costs of sports activities
  • private medical care
  • sharing the costs of professional training & courses
  • life insurance
  • remote work opportunities
  • flexible working time
  • integration events
  • corporate sports team
  • doctor’s duty hours in the office
  • retirement pension plan
  • corporate library
  • no dress code
  • coffee / tea
  • parking space for employees
  • leisure zone
  • extra social benefits
  • employee referral program
  • opportunity to obtain permits and licenses
  • charity initiatives
  • family picnics
  • extra leave
  • In-office gym

  • Praca Kraków
  • Kraków - Oferty pracy w okolicznych lokalizacjach


    89 650
    10 006