Head of Cryptographic Key Management

Head of Cryptographic Key Management

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

You’ll be making banking more secure by designing, implementing, and operating controls to manage cybersecurity risk. You’ll help define HSBC Group cyber security posture and deliver global cryptographic best practices and services. HSBC is undergoing a transformation of its Cryptography controls, tooling, practices and capabilities for on premise and cloud environments. The role is to work alongside Control Owner and lead a team of Cryptography SME’s to design and run cryptographic key management. Head of Cryptography Key Management is a capability owner role and reports to the Core Cryptography capability owner. Capability owners define and maintain Capability Strategy, supported by Enterprise Architecture, Security Architecture and Control Owners, in response to business strategies, regulator expectations, technology and practise advancement.

What you’ll do

• Define, and deliver vision, strategy, and roadmap for the key management.
• Lead assigned internal and external partners to deliver the agreed uplift in technology and practises.
• Work with business and technology owners to agree scope and priorities.
• Ensure that best Key Management practises are being followed across HSBC estate.
• Develop and deliver training and awareness programs to educate stakeholders and communities within Cyber about the key management.

What you need to have to succeed in this role

• Hands on experience of managing key standards, key inventories, and key lifecycle.
• Understanding and knowledge of common industry cyber security frameworks, standards, and methodologies, including but not limited to: NIST standards, FIPS, PCI DSS.
• Proven track record of working with technical, Cybersecurity and/or operations teams.
• Strong stakeholder management skills, with experience of understanding and meeting the needs of multiple stakeholders.
• Excellent understanding of cybersecurity principles, global financial services business models, as well as regional compliance standards, relevant local regulations, and applicable laws.
• A background in information systems, technology, architecture, design, and service delivery of defence-in- depth capabilities – nice to have.
• Demonstrated leadership experience with large, complex programmes, and deeply technical global expert – nice to have.
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative and actionable manner.

What we offer

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN).
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online assessment.
• Telephone screen.
• Job interview with the hiring manager.