Crowd Sourced Security Testing Analyst

ABOUT THE PROJECT

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

This job role is directly responsible for handling the day-to-day operations of the HSBC Bug Bounty Program. As part of this role, you will act as the escalation point of contact for any incoming security vulnerabilities received through the Bug Bounty Program and are expected to be an experienced pentester.

YOUR RESPONSIBILITIES

• Analyzing, assessing and responding to the security vulnerabilities received as part of Bug Bounty Program.

• Researching and reproducing the security vulnerabilities

• Performing the root cause analysis of the security vulnerabilities.

• Effectively communicating with the external security researchers

• Working closely with the appropriate stakeholders across departments to help them understand the risks, and the track remediation.

• Driving improvements including tooling, automation, and setting up processes

• Help drive the maturity of Bug Bounty Program by continuously improving quality of our services and removing inefficiencies, in line with wider Cybersecurity strategy.

• Advise on vulnerability remediation, control implementation and secure development practices

SKILLS & EXPERIENCE WE REQUIRE

• At least 4 years of prior demonstrable hands-on experience in penetration testing.

• Solid understanding of the platform security models for iOS and Android platforms.

• Excellent understanding of platform-specific security risks, common vulnerabilities for mobile applications, common risks in financial applications.

• Practical knowledge of penetration testing of widely understood infrastructure, web and mobile technologies, using manual and automated testing methods.

• Excellent TCP/IP knowledge and understanding of security implications/issues.

• Strong web application testing experience.

• Proven programming/scripting skills.

• Strong understanding of applied use of cryptography in application development.

WHAT WE OFFER

• Competitive salary

• Annual performance-based bonus

• Additional bonuses for recognition awards

• Multisport card

• Private medical care

• Life insurance

• One-time reimbursement of home office set-up (up to 800 PLN). Corporate parties & events

• CSR initiatives

• Financial support with trainings and education

• Social fund

• Flexible working hours 

• Free parking

HSBC Service Delivery (Polska) Sp. z o.o. is a part of HSBC Holdings plc, the parent company of the HSBC Group, headquartered in London. The Group serves customers worldwide from over 6,300 offices in over 75 countries and territories in Europe, Asia, North and Latin America, and the Middle East and North Africa. HSBC is one of the world’s largest banking and financial services organizations.