1. Home
  2. IT development
  3. Cybersecurity Analyst

Offers “HSBC”

Expires soon
HSBC

Cybersecurity Analyst

  • Internship
  • Sheffield (South Yorkshire)
  • IT development
Apply Now

Job description



Cybersecurity Analyst

Big Bank Funding. FinTech Thinking.

Our technology teams in the UK work closely with HSBC's global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. We also run and manage our IT infrastructure, data centres and core banking systems that power the world's leading international bank.

Our multi-disciplined teams include: DevOps engineers, IT architects, front and back end developers, infrastructure specialists, cyber experts, as well as project and programme managers.

We work in small, agile DevOps teams with colleagues around the world from our offices at the Bluefin Building in Southwark, our global headquarters in Canary Wharf, and multiple other locations around the UK including Sheffield, Leeds, Barnsley and Birmingham.

Following extensive investment across our Technology and Digital domains and with plans for continued expansion throughout 2020 and beyond, we are currently seeking a number of Security Analysts to join HSBC Technology.

Business Area Overview
· Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defence” services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities. These two principal functions are supported by additional internal GCO capabilities in; Cyber Intelligence and Threat Analysis, Security Sciences and Client Engagement and Support Services. Critical to the success of GCO is it close partnership with sister Cybersecurity teams, IT Infrastructure Delivery and Global Business and Function clients. The overall GCO mission is placed under the purview of the Group Chief Information Security Officer (CISO).
· The Cybersecurity Monitoring and Threat Detection Team are charged with efficiently and effectively monitoring the HSBC global technology and information estate 24x7. The team's mission is to detect the presence of any adversary within the estate, quickly analyse the severity and scope of the issue and work with the Cybersecurity Incident Management and Response Team to contain, mitigate and remediate the incursion. In addition, the team is responsible for constantly improving its detection capability through attack analysis and ensuring that the appropriate security event information is being fed into the team and that the alerting rules are tuned for maximum effectiveness. This mission is critical to the protection of HSBC customers, the HSBC brand, shareholder value, as well as HSBC information and financial assets.
· Analysts are responsible for monitoring multiple HSBC networks simultaneously using the latest threat detection technologies to detect, analyse and respond to cyber security incidents. The Analyst will follow detailed processes and procedures to identify and analyse these incidents, escalating to and supporting more senior analysts based on the severity and potential impact of the incident.

What you will be doing;
· Monitoring the entire global HSBC technology and information estate for new attacks and log them to appropriate systems.
· Triaging potentially malicious events to determine severity and criticality of the event.
· Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.
· Following detailed processes and procedures to analyse, respond to and/or escalate cyber security incidents.
· Supporting cyber security incidents through to eradication and feedback lessons learned, in to improved cyber resilience.
· Analysing network traffic using a variety of analysis tools.
· Monitoring security appliance health and perform basic troubleshooting of security devices; notify security engineering as necessary for malfunctioning equipment.
· Analysing malicious artefacts obtained from network monitoring with a focus on generation of threat intelligence and service improvement.
· Identifying and developing new ideas to enhance our detection capability (Use cases) and mitigations (Playbooks) across the security platforms.
· Reviewing and validating new Use Cases and Playbooks created by Cybersecurity colleagues.
· Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents.
· Applying structured analytical methodologies to maximise threat intelligence growth and service efficacy.
· Supporting handovers to other teams and countries at the start and end of the working shift.
· Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
· Training, developing and mentoring colleagues in area(s) of specialism.
· Collaborating with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.
· Identifying processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources.
· Promoting a “self-critical” and continuous assessment and improvement culture whereby identification of weaknesses in the bank's control plane (people, process and technology) are brought to light and addressed in an effective and timely manner.
· Supporting engagement in support of HSBC Global Businesses and Functions to drive a global up-lift in cyber-security awareness and help to evangelise HSBC Cybersecurity efforts and success.

Desired profile



Qualifications :

What you will bring to the role;


·  Knowledge of cyber security principles, global financial services business models, regional compliance regulations and laws.
·  Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
·  Experience analysing logs for indicators of compromise, collected from various network monitoring devices such as firewalls, IDS/IPS, web proxies, email filters, etc.
·  Excellent knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools, use of “Big Data” and Cloud-based solution for the collection and real-time analysis of security information.
·  Good knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc.
·  Good knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc.
·  Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suites.
·  Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.
·  Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards
·  Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
·  Functional knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google.
·  Basic knowledge and demonstrated experience in common cybersecurity incident response and forensic investigation tools such as: EnCase, FTK, Sleuthkit, Kali Linux, IDA Pro, etc.

This role will be Sheffield based but some travel may be required.




Come Power a Business that Defines How to Power the World

As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC UK is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation.

We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies.

As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.

Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

Make every future a success.
  • Job directory
  • Business directory
    •