Job Description
Some careers shine brighter than others.
If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.
We are currently seeking an experienced professional to join our team in the role of Vulnerability Assessments – Consultant Specialist
In this role, you will:
- Leading the review of all newly discovered vulnerabilities, to assess if the provided risk score is correctly reflecting the risk to HSBC.
- Monitoring external threat feeds to identify any newly reported external risks.
- Managing the review of assigned tickets, determining potential false positive and/ or mitigation on approaches, and providing expert guidance/ advice on remediation.
- Ensuring all patterns identified for remediation and/ or false positive identification, are clearly documented within the central tools and applied across the HSBC identified threat estate.
- Identify critical paths of operation and ensure that they are followed to provide the most streamlined and efficient method of operating.
- Leading and managing thematic reviews in order to drive and maintain systematic uplifts and enhancements to CSAT and wider inter-operational units that help protect the bank.
- Maintain operational documentation on what reports are available and how to access and utilise existing filters.
- Conduct holistic reviews of the overall baseline security posture.
- Clear accountability and ownership of the Vulnerability Assessment and Response key control indicators and key risk indicators.
- Contribute to and inform requests from Regulators, Internal/ External Audit, and 2LOD challenges/ Papers.
- Supporting the commentary for routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs.
- Supporting Imminent threat review sessions, and deputising for the chair when required.
- Engaging with the Global Head of Vulnerability Management, and relevant team members to review and gain approval for submissions and ensure information requests are aligned with the group risk appetite providing the expected responses.
- Adhoc tasks as required, including support to CSAT operational activities, handling escalations and requests from any team or angle.
