If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role Head of Infrastructure Security

Our Technology teams work closely with HSBC’s Global Businesses and Markets to design, build and run digital services that allow millions of our customers around the world to bank quickly, simply and securely. We run and manage Technology infrastructure, datacentres and core banking systems that power the world’s leading international bank, with one of the largest technology estates in the industry.

We are looking for a Cybersecurity leader to join us to shape our long-term strategy, and turbo-charge delivery, as the accountable owner for Infrastructure Security across the bank. This role covers the secure configuration of and consulting for operating systems (Unix/Lunix, Windows, zSeries, etc), databases (Oracle, MongoDB, DB2, etc), certain cloud assets (e.g. containers), middleware (WebSphere, MQ etc) and end-user devices (ATMs, VDI, mobile etc). This senior role reports directly into the Global Head of Cyber Technology Engineering.

Main Activities:

Strategy: Define and maintain our global strategy for Infrastructure Security, supported by engineers, platform owners, architects and multiple Control Owners, enabling business success, meeting regulatory expectation and best practise, whilst responding to current and likely threat actor evolution. Includes: security standards as code; continuous platform security assessments, and; risk-based capability expansion.Delivery: Own the investment roadmap for Infrastructure Security and its successful delivery across multiple partners. Enable multiple cyber mandates to be enforced by default. Ensure the transparent prioritisation of a common backlog to drive risk reduction, simplification and wider strategic needs. Influence and steer delivery within partner teams across Technology.Innovation: Empower HSBC to successfully navigate cyber risk with innovative, responsive and frictionless technologies and services, both those delivered in-house and from external partners. Foster and empower a culture of innovation, experimentation, and continuous improvement.Partnership: Form close partnerships with engineering teams: as design partners – for how capabilities will be implemented and operated, at times in novel ways; as customers – understanding their needs as they consume secure baselines or operationalise new platforms, and as delivery partners – prioritising change within Cybersecurity Engineering teams, and to drive bank-wide adoption of uplifts.Services: define, operate and mature secure baseline maintenance and security consulting to platform and infrastructure owners across the bank. Support / implement security changes on certain core platforms.Oversight: Ensure infrastructure security is overseen end-to-end, robustly and throughout the organisation: from platform acquisition, service deployment through to federated operation. Drive a data-centric approach to observability and assessment, wherever possible supported by automation, measures and analytics.Accountability: Ensure regulatory and risk management outcomes are being maintained or robustly managed. Ownership of High-Risk Audit, Regulator and self-identified issues. Ownership of the capability budget, balancing run and change investment. As a senior leader, contribute to and champion change across both Cybersecurity and Technology, occasionally outside of your primary remit.Talent: Lead, manage, invest in, recruit and inspire a team of highly skilled and performant SMEs across the globe. A culture driven by empowerment, experimentation, learning, partnership and delivery. A place where colleagues thrive, solving meaningful problems that keep the bank and its customers safe.

If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role Head of Infrastructure Security

Our Technology teams work closely with HSBC’s Global Businesses and Markets to design, build and run digital services that allow millions of our customers around the world to bank quickly, simply and securely. We run and manage Technology infrastructure, datacentres and core banking systems that power the world’s leading international bank, with one of the largest technology estates in the industry.

We are looking for a Cybersecurity leader to join us to shape our long-term strategy, and turbo-charge delivery, as the accountable owner for Infrastructure Security across the bank. This role covers the secure configuration of and consulting for operating systems (Unix/Lunix, Windows, zSeries, etc), databases (Oracle, MongoDB, DB2, etc), certain cloud assets (e.g. containers), middleware (WebSphere, MQ etc) and end-user devices (ATMs, VDI, mobile etc). This senior role reports directly into the Global Head of Cyber Technology Engineering.

Main Activities:

Strategy: Define and maintain our global strategy for Infrastructure Security, supported by engineers, platform owners, architects and multiple Control Owners, enabling business success, meeting regulatory expectation and best practise, whilst responding to current and likely threat actor evolution. Includes: security standards as code; continuous platform security assessments, and; risk-based capability expansion.Delivery: Own the investment roadmap for Infrastructure Security and its successful delivery across multiple partners. Enable multiple cyber mandates to be enforced by default. Ensure the transparent prioritisation of a common backlog to drive risk reduction, simplification and wider strategic needs. Influence and steer delivery within partner teams across Technology.Innovation: Empower HSBC to successfully navigate cyber risk with innovative, responsive and frictionless technologies and services, both those delivered in-house and from external partners. Foster and empower a culture of innovation, experimentation, and continuous improvement.Partnership: Form close partnerships with engineering teams: as design partners – for how capabilities will be implemented and operated, at times in novel ways; as customers – understanding their needs as they consume secure baselines or operationalise new platforms, and as delivery partners – prioritising change within Cybersecurity Engineering teams, and to drive bank-wide adoption of uplifts.Services: define, operate and mature secure baseline maintenance and security consulting to platform and infrastructure owners across the bank. Support / implement security changes on certain core platforms.Oversight: Ensure infrastructure security is overseen end-to-end, robustly and throughout the organisation: from platform acquisition, service deployment through to federated operation. Drive a data-centric approach to observability and assessment, wherever possible supported by automation, measures and analytics.Accountability: Ensure regulatory and risk management outcomes are being maintained or robustly managed. Ownership of High-Risk Audit, Regulator and self-identified issues. Ownership of the capability budget, balancing run and change investment. As a senior leader, contribute to and champion change across both Cybersecurity and Technology, occasionally outside of your primary remit.Talent: Lead, manage, invest in, recruit and inspire a team of highly skilled and performant SMEs across the globe. A culture driven by empowerment, experimentation, learning, partnership and delivery. A place where colleagues thrive, solving meaningful problems that keep the bank and its customers safe.An inquisitive approach, always asking how to achieve goals in a smarter and more effective way.An ability and interest to learn and experiment with new approaches to achieve business and cybersecurity outcomes, in different and often challenge contexts.Possess strong leadership skills to bring out the best in a team. This includes both direct leadership and cross-functional capabilities.Experience within fast-moving, complex and demanding corporate environments and able to provide appropriate direction to the team whilst dealing with ambiguity and change.Act as a role-model for more junior members of Cybersecurity and TechnologyAbility to engage with and influence senior peers and leadership.Managing, developing and retaining high-performing individuals in different geographies, often remotely.Proven ability to collaborate across industry, academia and government to solve complex problems. Ability to prepare concise presentations, reports and updates for senior management.Expert knowledge of Cryptography including PKI, key management, algorithms, protocols, and attacks.Robust understanding of common industry cyber security frameworks, standards, and methodologies, including PCI DSS, FFIEC guidelines, CIS and NIST standards.Strong analytical skills to identify and resolve complex problems, often with risk-risk trade-offs.Proven experience in technology leadership roles, running high performing technology teams.Proven experience working in a large scale, multi-national and technologically diverse environments.Prior experience of Financial Institutions is not required. Knowledge and exposure of the application of Risk and Control Management and associated frameworks, preferably from a multi-market institution.Ability to articulate technical threats, scenarios, controls and risks to both technical and business stakeholders. Influential, credible and persuasive, active listener, embraces HSBC Values, shows good judgement and demonstrates high level of communication skills to achieve effective stakeholder management.

Due to the urgent hiring need, candidates with immediate right to work locally and no relocation need will be prioritised.

At HSBC we offer our colleagues a greater number of leave days so that they can fully enjoy their wedding, take care of the new member of the family, or grieve the loss of a family member. Our paid leave package is at the forefront in Mexico, now you have one more reason to be HSBC and proudly live a culture of well-being, balance and care.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued By HSBC Electronic Data Process Mexico Private LTD

An inquisitive approach, always asking how to achieve goals in a smarter and more effective way.An ability and interest to learn and experiment with new approaches to achieve business and cybersecurity outcomes, in different and often challenge contexts.Possess strong leadership skills to bring out the best in a team. This includes both direct leadership and cross-functional capabilities.Experience within fast-moving, complex and demanding corporate environments and able to provide appropriate direction to the team whilst dealing with ambiguity and change.Act as a role-model for more junior members of Cybersecurity and TechnologyAbility to engage with and influence senior peers and leadership.Managing, developing and retaining high-performing individuals in different geographies, often remotely.Proven ability to collaborate across industry, academia and government to solve complex problems. Ability to prepare concise presentations, reports and updates for senior management.Expert knowledge of Cryptography including PKI, key management, algorithms, protocols, and attacks.Robust understanding of common industry cyber security frameworks, standards, and methodologies, including PCI DSS, FFIEC guidelines, CIS and NIST standards.Strong analytical skills to identify and resolve complex problems, often with risk-risk trade-offs.Proven experience in technology leadership roles, running high performing technology teams.Proven experience working in a large scale, multi-national and technologically diverse environments.Prior experience of Financial Institutions is not required. Knowledge and exposure of the application of Risk and Control Management and associated frameworks, preferably from a multi-market institution.Ability to articulate technical threats, scenarios, controls and risks to both technical and business stakeholders. Influential, credible and persuasive, active listener, embraces HSBC Values, shows good judgement and demonstrates high level of communication skills to achieve effective stakeholder management.

Due to the urgent hiring need, candidates with immediate right to work locally and no relocation need will be prioritised.

At HSBC we offer our colleagues a greater number of leave days so that they can fully enjoy their wedding, take care of the new member of the family, or grieve the loss of a family member. Our paid leave package is at the forefront in Mexico, now you have one more reason to be HSBC and proudly live a culture of well-being, balance and care.

HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified persons irrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Issued By HSBC Electronic Data Process Mexico Private LTD