Head of Database & Lake Platform Security

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

Global Defense Engineering is responsible for fielding solutions that help defend HSBC against a wide range of threats to the business, customers, clients, partners, and staff.  The team works in concert with partner teams across HSBC to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape. The function operates under the vision: “Enabling HSBC to be safely successful everywhere the firm chooses to do business.”

What you’ll do

• Define secure configuration baselines for database management system software, including but not limited to Oracle, Db2, SAP ASE, SQL Server, Db2 z/OS, MongoDB, and PostgreSQL, Teradata, HADOOP.
• Work with database technical subject matter experts to agree secure configuration baselines.
• Work with database technical subject matter experts to define/develop/implement checks for compliance scans.
• Work with database technical subject matter experts to provide remediation guidance for IT Service Owners.
• Work with the Configuration Baseline Management team to ensure they receive configuration compliance data.
• Interact with stakeholders across the organisation to understand their security needs and expectations. 
• Define and maintain capability strategy, supported by Enterprise Architecture, Security Architecture and, Control Owners, in response to business strategies, regulator expectations, technology and practice advancement, best practice, and threat actor evolution [will overlap with Architecture]. 
• Ensure success with delivery partners (in alignment with support functions). Runs / drives respective Delivery forum, QBRs, SteerCos and Capability PODs. 
• Maintain and prioritise a capability backlog based on objectives and value released to identify what teams work on next. Supports the prioritisation of backlogs from supporting technology and operations/service teams. 
• Close working with Control Owners: Oversees Control Owner activity from a technical point-of-view, e.g. accurate assessment of control defect severities. 
• Close working with Service Owners: understands general performance of associated services, exceptions, customer feedback and service uplift roadmaps. 
• Close working with Technology/Platform Owners: understands general performance of associated IT services, significant bugs, technology health, customer feedback and technology uplift roadmaps (including technical debt resolution).  
• Run a Pod per L2 capability with Architecture, Engineering, Service Delivery, Control Owner, Programme Manager, and Product Management 
• Own all medium-rated and below risk Control Issues, Audit points and Regulatory findings. 

What you need to have to succeed in this role

• Minimum 5 years’ in-depth experience with multiple database technologies from the list of Oracle, Db2, SAP ASE, SQL Server, Db2 z/OS, MongoDB, and PostgreSQL, Teradata, HADOOP.
• Demonstrated experience with database platform security.
• Minimum 2 years’ experience leading a technical team.
• Demonstrated understanding of and experience with Center for Internet Security (CIS) benchmarks.
• Strong stakeholder management skills, with demonstrated experience of understanding and meeting the needs of multiple stakeholders.
• Excellent communication skills, including the ability to translate complex technical concepts into business-friendly language.
• Customer-centric consultancy approach.
• Strong analytical and problem-solving skills.
• Ability to manage budgets and allocate resources effectively.
• Reliant and adaptive to changing situations, with strong desire to delegate and empower the team.

What we offer

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN).
• Corporate parties & events
• CSR initiatives
• Nursery discounts
• Financial support with trainings and education
• Social fund
• Flexible working hours 
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online behavioural test 
• Telephone screen 
• Interview with the hiring manager. 

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.