If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.
We are currently seeking an experienced professional to join our team in the role of Client Experience, LAM Stream Lead
Role Purpose:
Operating within the Cybersecurity Global Defence function and under the management of the Global Head of Cybersecurity Operations, the Global Cybersecurity Operations (GCO) team provides a coordinated suite of “Network Defence” related services and are responsible for the detection and response to information and cybersecurity threats across the global HSBC assets and estate.
The GCO team is split into four distinct sub-functions:
Monitoring Threat Detection (MTD) – Monitoring, detection, alerting and triage of initial cyber-threat events.Incident Management Response (IMR) – Management and deep-dive investigation and response to cyber-incidents.Information Protection Response (IPR) – Management and response to information and data security incidents.Strategic Innovation Operations (SIO) – Continuous improvement of cyber-threat detection capabilities and process automation.Critical to the success of GCO are its close partnerships with other Cybersecurity Global Defence teams including Cybersecurity Engineering, Service Reliability Engineering, Cyber Intelligence Threat Analysis teams and the wider HSBC businesses and functions.
Main Activities:
Monitoring and Threat Detection Analysts are responsible for monitoring multiple HSBC networks simultaneously using the latest threat detection technologies to detect, analyse and respond to cyber security incidents. The Analyst will follow detailed processes and procedures to identify and analyse these incidents, escalating to and supporting more senior analysts based on the severity and potential impact of the incident. The primary responsibilities of the Analyst are:Monitoring the entire global HSBC technology and information estate for new attacks and log them to appropriate systems.Triaging potentially malicious events to determine severity and criticality of the event.Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.Following detailed processes and procedures to analyse, respond to and/or escalate cyber security incidents.Supporting cyber security incidents through to eradication and feedback lessons learned, in to improved cyber resilience.Analysing network traffic using a variety of analysis tools.Monitoring security appliance health and perform basic troubleshooting of security devices; notify security engineering as necessary for malfunctioning equipment.Analysing malicious artefacts obtained from network monitoring with a focus on generation of threat intelligence and service improvement.Identifying and developing new ideas to enhance our detection capability (Use cases) and mitigations (Playbooks) across the security platforms.Reviewing and validating new Use Cases and Playbooks created by Cybersecurity colleagues.Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents.Applying structured analytical methodologies to maximise threat intelligence growth and service efficacy.Supporting handovers to other teams and countries at the start and end of the working shift.Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.Training, developing and mentoring colleagues in area(s) of specialism.Collaborating with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.