Windows Security Engineer

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Your career opportunity

Join our team! HSBC’s Global IT Organisation (circa 40,000 FTE, $4bn costs) is one of the largest technology functions. Ensuring IT has the appropriate processes embedded and operating efficiently is critical to its effectiveness and ability to maintain its position as a market leader. 

The Cybersecurity Global Defence function supports a number of technologies and services across a globally dispersed team. This includes Windows, Cryptography and Encryption technology, Data Loss Prevention, Security Infrastructure and Vulnerability Management. 

What you’ll do

• Technical security standards management – Ensure Windows technical security standards are reviewed and maintained.
• Process and procedure management - Ensure all Windows Cybersecurity processes and procedures are maintained.
• Internal control assurance – Manage the reviewing, gathering of evidence and reporting on effectiveness of Windows controls.
• Risk and audit issue management – Ensure regulatory, risk and audit issue mitigation actions against Windows are actioned within agreed timescales and periodic reporting of such is maintained.
• Provide consultancy to projects to ensure compliance with HSBC security standards.
• Evaluate security solutions proposed by project teams.
• Evaluate software packaging requests in line with security standards.
• Evaluate GPO change requests in line with security standards.
• Supporting compliance reporting across the Windows domain.
• Supporting the establishment of HSBC as a valued contributor to information sharing efforts across the industry that helps to drive a positive image of the bank with our peers and regulators in the markets we serve.
• Supporting a “self-critical” culture whereby identification of weaknesses in the bank’s control plane (people, process and technology) are brought to light in an effective manner and addressed.
• Supporting a culture of individual self-improvement, whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly.
• Supporting engagement of Global Businesses and Functions everywhere HSBC does business, that drives a global up-lift in cybersecurity awareness, helping to “tell the story” of HSBC Cybersecurity efforts.
• Supporting engagement within the Lines of Defence Risk Management framework adopted by HSBC, to ensure complete transparency and effective working relationships across all lines of defence.
• Train, develop and mentor less experienced analysts.
• Branding and Communications – increasing exposure across the function including presentations for the Heads of Functions

What you need to have to succeed in this role

• Excellent technical knowledge and security management of Windows Operating System essential
• Security Information and Event Management (SIEM) knowledge desirable – Splunk knowledge preferred
• VBA and PowerShell scripting
• Familiarity with SharePoint, Confluence and JIRA
• McAfee product set experience preferred – including ENS, Drive Encryption and Application Control (Solidcore)
• Configuration Baseline Management experience desirable but not essential
• Business Analysis skills.
• Good understanding and knowledge of common industry cyber security frameworks.
• Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
• Resilient and tenacious with a propensity to persevere
• Results focused with an ability to work autonomously
• Stakeholder management skills with the ability to interact at all levels
• Excellent verbal and presentation skills
• Experience of being a part and contributor to small teams, across different global regions and a desire to build on this experience is essential.

Optional:

• Formal education in Information Security, Cybersecurity, Computer Science or similar and/or commensurate demonstrated work experience
• Industry qualifications (CISSP, CISA, CISM).

What we offer

• Competitive salary
• Annual performance-based bonus
• Additional bonuses for recognition awards
• Multisport card
• Private medical care
• Life insurance
• One-time reimbursement of home office set-up (up to 800 PLN)
• Corporate parties & events
• CSR initiatives
• Nursery and kindergarten discounts
• Language classes
• Financial support with trainings and education
• Social fund
• Flexible working hours 
• Free parking

If your CV meets our criteria, you should expect the following steps in the recruitment process:

• Telephone screen
• Zoom interview with the hiring manager

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.