Some careers shine brighter than others.
If you're looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.
We are currently seeking an experienced professional to join our team in the role of Senior Associate Director
In This Role, You Will
- Security Architecture: Work closely with the development and infrastructure teams to design and implement secure architecture solutions, ensuring that security is embedded in the development lifecycle.
- Risk Assessment: Conduct regular risk assessments, vulnerability assessments, and penetration tests to identify potential threats and vulnerabilities within the platform.
- Compliance Management: Ensure that the platform complies with industry regulations and standards, such as PCI-DSS, GDPR, and other relevant security frameworks.
- Data Protection: Implement and manage data protection strategies, including encryption, secure data storage, and secure transmission of sensitive information across the platform.
- Collaboration: Work closely with cross-functional teams, including development, DevOps, compliance, and legal, to ensure that security considerations are integrated into all aspects of the platform.
- Threat Intelligence: Stay updated on the latest security threats, vulnerabilities, and trends, and apply this knowledge to continuously improve the security posture of the platform.
- Security Awareness: Promote security awareness across the organization, providing training and guidance to employees on best practices for maintaining security in their roles.
- Compliance and Standards: Ensure adherence to all standards and policies within the area of Technology Engineering, including compliance with relevant controls and regulations.
- Support the business with identification of and management of their information security risks that are specific to their line of business/function
- Proactively monitor areas of concern and set direction for GPS globally and HBEU in both Cyber Security and Information Security Risk
- Work closely with key stakeholders from ISR, Cybersecurity and CIB IT Risk to set prioritisation on activity and ensure all stakeholders requirements are understood, reviewed and implemented where applicable.
- Develop a GPS & HBEU Cyber engagement strategy.
Requirements
To be successful in this role, you should meet the following requirements:
- 14+ years of experience in cybersecurity, with a focus on securing banking , regulations, and compliance requirements.
- Professional certifications such as CISSP, CISM, CRISC, or similar are highly desirable.
- Proven experience in conducting risk assessments, vulnerability assessments, and managing security risks in complex environments.
- Strong technical skills in areas such as encryption, firewalls, intrusion detection/prevention systems (IDS/IPS), network security, and secure software development practices.
- Experience with security monitoring tools, vulnerability management, and incident response processes.
- Proven experience in Securing cloud environments, knowledge of cloud-native security tools and best practices. Experience in integrating security measures into the overall cloud infrastructure design
- Actively manage and co-ordinate all key stakeholders who are involved in the management of Information Security and Cyber risk ensuring that there is sufficient oversight of the impacts to GPS & HBEU.
- Excellent analytical, problem-solving, and communication skills.
- Positive and professional attitude, team player, flexible and adaptable, open to change(s)
- Ability to quickly develop good working relationships with stakeholders
- Good spoken and written communication and ability to adapt style based on audience (Fluent in spoken / written English)
- Ability to communicate technical subject matter to non-technical stakeholders
- Ability to work collaboratively in a fast-paced, global environment.
Desirable Attributes
- Experience with cloud security (AWS, Azure, GCP).
- Familiarity with DevSecOps practices and secure software development lifecycle.
- Understanding of regulatory requirements affecting the banking sector.
You'll achieve more when you join HSBC.
www.hsbc.com/careers
HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Issued by HSBC Software Development India
