Some careers have more impact than others.
If you’re looking for a career where you can make a real impression, join HSBC and discover how valued you’ll be.
We are currently seeking an experienced professional to join our team in the role of Head of Cyber Service Resilience
Business: Cybersecurity
Principal responsibilities
Our Technology teams work closely with HSBC’s Global Businesses to design, build and run digital services that allow millions of our customers around the world to bank quickly, simply and securely. We run and manage our Technology infrastructure, datacentres and core banking systems that power the world’s leading international bank, with one of the largest technology estates in the industry.
We are looking for a technology leader to join us to shape and turbo-charge our management of key Cybersecurity IT services and tools, enabling the bank to manage our cyber risk every day, in every market. This includes maturing current practice to meet service resilience goals, contributing to the bank’s technology transformation programmes and communities of practice, and driving the expansion/uplift of our capabilities across Cybersecurity from approximately 35 services to ~180. Technologies in-scope of this role include (but are not limited to): EDR, SIEM/SOAR, data security, vulnerability management, identity management and network security technologies – with a mixture of in-house and 3rd party products. The incumbent team of 50 FTE will be grown to deliver the above.
The future role-holder will be key in driving Cybersecurity’s vision of Engineering Excellence: building a world-class engineering capability, empowering HSBC to successfully navigate cyber risk with innovative, responsive and frictionless technologies and services. A culture driven by empowerment, experimentation, learning, partnership and delivery. A place where engineers thrive, solving meaningful problems that keep the bank and its customers safe. The role-holder will report to the Group Head of Cybersecurity Defence Engineering.
- Lead Production Support for Cybersecurity’s technology services and tooling across the bank. Includes: ensuring leadership of major IT incidents involving cybersecurity services and providing 24x7 incident management for all Cyber IT Services (opt-out by agreement). Includes: providing L1 and L2 support, continuous monitoring and response services for system events, ensuring their triage and timely resolution. Includes supporting the negotiation and integration of 3rd party (inc. SaaS) tool production support services.
- Lead Problem Management for Cybersecurity’s technology services and tooling across the bank. Includes: driving problem prioritisation, steering, support and tracking to sustainable resolution. Includes conducting thematic assessments to proactively uplift practice and services learning from previous events.
- Lead hygiene management for Cybersecurity’s technology services across the bank. Includes: delivering infrastructure and agent patching, consuming and/or building respective automation; ensuring hygiene approaches are defined and maintained; driving vulnerability remediation across Cyber’s tech-stack; and driving central coordination, oversight, delivery, roadmaps, and maturity uplift of evergreening practice.
- Lead communities of practice for Cyber IT Service Owners for relevant themes and acting as Cyber’s delegate for communities across technology: service continuity planning, data back-up and recovery, and inventory management among others. Recommends and oversees respective goals and targets across Cyber. Identifies opportunities to assist Cyber IT Service Owners with commodifiable tasks, either by creating a support service or overseeing the out-sourcing of such activities to 3rd parties as appropriate.
- Drive Observability practise across Cybersecurity’s technology services across the bank. Includes: ensuring teams have agreed roadmaps to uplift logging, monitoring and alerting capabilities; provides a CoE for observability best practise and adoption; optimises related observability technology use (e.g. Splunk ITSI).
- Drives endpoint agent lifecycle management for all Cyber endpoint agents and sensors. Includes: working across Technology to delivery simplification of agent management via embedding agents in standard builds, automated testing, automated maintenance via Ansible/Terraform/Chocolatey etc.
- Develops and inspire a team of experienced engineers across multiple markets to meet our strategic aims.
- Creates a close partnership with Capability Engineering teams to deliver support for new products and services. Engaged in the handover of the product to service support teams throughout their operationalisation, including defining service levels / thresholds, and that runbooks exist and are maintained.