Principal SME Web Application Security Protection

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

The Cloud DevOps engineers will work within an agile team of Engineers and Operations personnel building highly resilient, scalable and performant AWS infrastructure in an automated and efficient manner.  The engineers will work alongside the Application DevOps teams and cross-functional IT teams.  The engineers will be required to use their initiative to innovate to achieve maximum performance and be prepared to investigate and use new products/services offered by AWS.   

What you’ll do

• Support to coordinating migration of teams to WAF Central Rules in block mode for example. Development and realisation of new processes for new Operating Models.   

• Overseeing development and integration of central capabilities (Central SOC/SIEM) alerting and incident response etc.  

• Working with CSP Architecture and Core engineering DevOps Leads on enabling of WAF Rules on Internal facing services. Working with central ESP team to capture and define central security baseline rules / signatures. Working with application teams / support to migration of their services to new Central CSP Managed.

• Uses their networking and network security experience and knowledge to review Business and IT projects and provide advice and guidance, ensuring network security control requirements are satisfied.

• Identifies and drives opportunities to improve network security posture based on an understanding of current control and technology environment.

• Expert understanding of network security threats and risks, able to identify areas of network security risk and propose solutions.

• Excellent communication and interpersonal skills, with experience interacting with technical leaders and various layers of management considered a plus.

• Able to analyse network and cybersecurity data (e.g. system logs) to support decision making and evidence control effectiveness. Ability to build connections and work collaboratively across boundaries. Willingness to continuously learn and share learnings with others. Ability to coach and guide more junior team members as needed.

To succeed in this role you need to have:

• Candidate MUST have experience in working in at least one Cloud Provider and have experience working with CSP native WAF solutions or equivalent - Akamai in use of WAF Rules and DDoS protection.  

• Candidate will have experience working at scale in the use at least one CSP native WAF solutions or equivalent - Akamai WAF and DDoS protection solutions.  

• Candidate SHALL be able to demonstrate use of WAF and the applying of common rule sets within their organisation. Candidate SHALL will have experience working in central functioning role and be able to demonstrate effectiveness in working cross an organisation in applying common security baseline configuration for protection of services.   

• Candidate SHALL have experience in producing guidance, procedural and process documentation for consumption by multiple teams on WAF or equivalent Security Configuration for protection of services. 

• Candidate should be familiar key Industry and OpenSource standards for WAF. Candidate MUST have basic level Web Security understanding and be able to guide Web Application / UI Developers on security aspects relating to non-compliance to Security baseline configuration.  

• Candidate SHALL be able demonstrate experience in responding and handling adequately of Cyber-attacks (Layer 7 / DDoS attacks). Candidate SHALL have direct experience in Monitoring and Alerting of attacks in at least one CSP - AWS, Azure, GCP or equivalent  

• Candidate SHAL have strong understanding of Web Applications / HTML / JS sufficient enough to demonstrate they are capable in reviewing of signatures and identification of false positives. Candidate MUST be able to demonstrate an affective ability working with multiple functions of the business in the defining of processes, procedures and in the responding to security incidents.  

• Candidate will have expected to upskill where required of the role on CSP Native technologies, where maybe required during an incident to respond rapidly in analysing of attack signatures in near-Realtime and performing appropriate mitigation actions. Candidate shall have one or more CSP basic certifications - AWS, GCP or Azure.  Candidate SHOULD have experience working with Logging solutions such as Splunk in the filtering and alerting of issues.  

What we offer

• Competitive salary

• Annual performance-based bonus

• Additional bonuses for recognition awards

• Multisport card

• Private medical care

• Life insurance

• One-time reimbursement of home office set-up (up to 800 PLN).

• Corporate parties & events

• CSR initiatives

• Nursery discounts

• Financial support with trainings and education

• Social fund

• Flexible working hours 

• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Online behavioural test (for external candidates only)

• Telephone screen (for external candidates only)

• Job interview with the hiring manager

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.