Threat and Controls Consultant Specialist

at  HSBC

Sheffield, England, United Kingdom -

Start DateExpiry DateSalaryPosted OnExperienceSkillsTelecommuteSponsor Visa
Immediate22 Dec, 2024Not Specified25 Sep, 2024N/ARisk,Framework,New Opportunities,ArchitectureNoNo
Add to Wishlist Apply All Jobs
Required Visa Status:
CitizenGC
US CitizenStudent Visa
H1BCPT
OPTH4 Spouse of H1B
GC Green Card
Employment Type:
Full TimePart Time
PermanentIndependent - 1099
Contract – W2C2H Independent
C2H W2Contract – Corp 2 Corp
Contract to Hire – Corp 2 Corp

Description:

Job description
Threat and Controls Consultant Specialist
Join a digital first bank that’s powered by people.
Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.
In our cybersecurity team you’ll be helping to safeguard the financial system on which millions of people depend.
You’ll be making banking more secure by designing, implementing, and operating controls to manage cybersecurity risk. You’ll help define HSBC Group cyber security standards, deliver Global Security Operations ad Threat management services, provide round-the-clock monitoring and security incident response services, and oversee Network/Application/Infrastructure Security. The work you do will provid3e assurance of the adequacy and effectiveness of security controls to Business Risk Owners.
The Threat and Controls Consultant Specialist role will work as part of the global Cyber Security Consultancy Service team to provide subject matter advice and support on a wide variety of areas, and across all technologies and cybersecurity controls. This team provides early, specialist and general cybersecurity consultancy, ensuring that customers can meet HSBC’s security requirements, and advise the customer on the correct review processes required. This includes reviewing proof of concepts and providing bespoke advice.
You will be closely collaborating with peers across the many cybersecurity functions, Cybersecurity business and regional leads, as well as customers in all global business and functions
This is a senior role reporting into the Senior Consultant in the TCA (Threat and Controls Assessment) team
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.

In this role you will:

  • Provide wide and varied subject matter expertise across multiple technologies, including Cloud Services.
  • Ensure that customers undertake the formal assurance reviews required to ensure secure operation.
  • Liaise with other Cybersecurity function SMEs, Business Owners, Developers, Architects and other Technical Leads to understand the end-to-end service you are providing subject matter advice on.
  • When required, perform effective threat and control assessments for complex services and platforms across the HSBC estate. This will include cloud platform reviews for Azure, AWS and GCP
  • Identify new opportunities to provide proactive cybersecurity consultancy with HSBC Business and Functions
  • Work with the CSAT management team to enhance and grow the Cybersecurity Consultancy Service.
  • Stay up to date within the industry of new trends and best practices
  • Provide supervision, guidance and mentor less experienced members of the global team
  • Act as a point of contact and source of advice on issues relating to Cybersecurity within the team

Requirements

To be successful in this role you should meet the following requirements:

  • Proven experience in general security concepts and principles, and application specific security concepts and principles.
  • Strong technical understanding and experience of assessing vulnerabilities and identifying weaknesses in diverse enterprise IT assets
  • Strong understanding of cloud platforms and controls
  • Strong understanding of application design and architecture
  • Experience in Risk and Control Management.
  • Ability to assess threats and controls, articulating these and residual risk to both technical and business stakeholders.
  • Knowledge of different frameworks and methodologies including Threat Modelling using STRIDE and the MITRE ATT&CK Framework
  • Communicating with a wide variety of stakeholders is a key part of this role, so this role requires good network and collaboration skills.
  • Identify new opportunities to provide proactive cybersecurity consultancy with HSBC Business and Functions.

This role is based in Sheffield .
Opening up a world of opportunity
Being open to different points of view is important for our business and the communities we serve. At HSBC, we’re dedicated to creating diverse and inclusive workplaces. Our recruitment processes are accessible to everyone - no matter their gender, ethnicity, disability, religion, sexual orientation, or age.
We take pride in being part of the Disability Confident Scheme. This helps make sure you can be interviewed fairly if you have a disability, long term health condition, or are neurodiverse.
If you’d like to apply for one of our roles and need adjustments made, please get in touch with our Recruitment Helpdesk:
Email: hsbc.recruitment@hsbc.com
Telephone: +44 207 832 8500

Responsibilities:

In this role you will:

  • Provide wide and varied subject matter expertise across multiple technologies, including Cloud Services.
  • Ensure that customers undertake the formal assurance reviews required to ensure secure operation.
  • Liaise with other Cybersecurity function SMEs, Business Owners, Developers, Architects and other Technical Leads to understand the end-to-end service you are providing subject matter advice on.
  • When required, perform effective threat and control assessments for complex services and platforms across the HSBC estate. This will include cloud platform reviews for Azure, AWS and GCP
  • Identify new opportunities to provide proactive cybersecurity consultancy with HSBC Business and Functions
  • Work with the CSAT management team to enhance and grow the Cybersecurity Consultancy Service.
  • Stay up to date within the industry of new trends and best practices
  • Provide supervision, guidance and mentor less experienced members of the global team
  • Act as a point of contact and source of advice on issues relating to Cybersecurity within the tea

To be successful in this role you should meet the following requirements:

  • Proven experience in general security concepts and principles, and application specific security concepts and principles.
  • Strong technical understanding and experience of assessing vulnerabilities and identifying weaknesses in diverse enterprise IT assets
  • Strong understanding of cloud platforms and controls
  • Strong understanding of application design and architecture
  • Experience in Risk and Control Management.
  • Ability to assess threats and controls, articulating these and residual risk to both technical and business stakeholders.
  • Knowledge of different frameworks and methodologies including Threat Modelling using STRIDE and the MITRE ATT&CK Framework
  • Communicating with a wide variety of stakeholders is a key part of this role, so this role requires good network and collaboration skills.
  • Identify new opportunities to provide proactive cybersecurity consultancy with HSBC Business and Functions


REQUIREMENT SUMMARY

Min:N/AMax:5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Information Technology

Graduate

Proficient

1

Sheffield, United Kingdom