Lead Analyst

at  HSBC

Job description
If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisationsin the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realis their ambitions.
We are currently seeking an experienced professional to join our team in the role of Títulode puesto.

SKILLS

• Excellent investigative skills, insatiable curiosity and an innate drive to win.
• Instinctive and creative, with an ability to think like the enemy.
• Strong problem-solving and trouble-shooting skills.
• Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
• An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
• An understanding of organisational mission, values and goals and consistent application of this knowledge.
• Self-motivated and possessing of a high sense of urgency and personal integrity.
• Highest ethical standards and values.
• Experience defining and refining operational procedures, workflows and processes to support the team in consistent, quality execution of monitoring and detection.
• Good understanding of HSBC cyber security principles, global financial services business models, regional compliance regulations and laws.
• Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; MITRE ATT&CK, OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
• Good communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
• Ability to speak, read and write in English, in addition to your local language.

TECHNICAL SKILLS

• Technical expertise in analysing threat event data, evaluating malicious activity, documenting unusual files and data and identifying tactics, techniques and procedures used by attackers.
• Expert level knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques and procedures in order to inform adjustments to the control plane.
• Expert level of knowledge and demonstrated experience of common Security Information and Event Management (SIEM) platforms for the collection and real-time analysis of security information.
• Expert level knowledge of Enterprise Detect and Response (EDR) tooling for the identification, prevention and detection of cyber-threats and for use in triage, investigation and threat hunting.
• Detailed knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc.
• Excellent knowledge and demonstrated experience of common operating systems and end user platforms to include Windows, Linux, Citrix, ESX, OSX, etc.
• Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits.
• Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.
• Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
• Functional knowledge of Security Orchestration Automation and Response (SOAR) platforms including development and implementation of automation routines.
• Functional knowledge and technical experience of cloud computing platforms such as AWS, Azure and Google.
• Basic knowledge and demonstrated experience in common cybersecurity incident response and forensic investigation tools such as: EnCase, FTK, Sleuthkit, Kali Linux, IDA Pro, etc.

INDUSTRY EXPERIENCE AND QUALIFICATIONS

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• 5+ years of experience in cyber security senior analyst role or similar.
• Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.
• Industry recognised cyber security related certifications including; CEH, OSCP, EnCE, SANS GSEC, GCIH, GCIA, and/or CISSP.
• Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.

Due to the urgent hiring need, candidates with immediate right to work locally and no relocation need will be prioritised.
At HSBC we offer our colleagues a greater number of leave days so that they can fully enjoy their wedding, take care of the new member of the family, or grieve the loss of a family member. Our paid leave package is at the forefront in Mexico, now you have one more reason to be HSBC and proudly live a culture of well-being, balance and care.
HSBC is an equal opportunity employer committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and, opportunities to grow within an inclusive and diverse environment. We encourage applications from all suitably qualified personsirrespective of, but not limited to, their gender or genetic information, sexual orientation, ethnicity, religion, social status, medical care leave requirements, political affiliation, people with disabilities, color, national origin, veteran status, etc., We consider all applications based on merit and suitability to the role.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Issued By HSBC Electronic Data Process Mexico Private LTD

• 5+ years of experience in cyber security senior analyst role or similar.
• Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.
• Industry recognised cyber security related certifications including; CEH, OSCP, EnCE, SANS GSEC, GCIH, GCIA, and/or CISSP.
• Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same