 
Vulnerability Assessments SME Sheffield, England
Job description
Job Title: Vulnerability Assessment SME
Big Bank Funding. FinTech Thinking.
Our technology teams in the UK work closely with HSBC’s global businesses to help design and build digital services that allow our millions of customers around the world to bank quickly, simply and securely. We also run and manage the IT infrastructure, data centres and core banking systems that power the world’s leading international bank.
Our multi-disciplined teams include: DevOps engineers, IT architects, front and back end developers, infrastructure specialists, cyber experts, as well as project and programme managers.
Role Description:
The Vulnerability Assessment SME is a key role within the Vulnerability Management team and the wider Cyber Security Assessment function. The role will report in to the Head of Vulnerability Management Assessment.
This role will provide ongoing assessment of newly identified vulnerabilities, and respond to business-driven queries in relation to potential false positive vulnerability findings and/or guidance on mitigation approaches.
Responsibilities:
- Leading the review of all newly discovered vulnerabilities, to assess whether the provided risk score correctly reflects the risk to HSBC.
- Monitoring external threat feeds to identify any newly reported external risks.
- Managing the review of assigned tickets, determining potential false positives and/or mitigation approaches, and providing expert guidance/advice on remediation.
- Ensuring all patterns identified for remediation and/or false positive identification are clearly documented within the central tools and applied across the HSBC identified threat estate.
- Identify critical paths of operation, and ensure that they are followed to provide the most streamlined and efficient method of operating.
- Leading and managing thematic reviews in order to drive and maintain systematic uplifts and enhancements to CSAT and wider inter-operational units that help protect the bank.
- Maintain operational documentation on what reports are available and how to access and utilise existing filters.
- Conduct holistic reviews of the overall baseline security posture.
- Clear accountability and ownership of the Vulnerability Assessment and Response key control indicators and key risk indicators.
- Contribute to and inform requests from Regulators, Internal/External Audit, and 2LOD challenges/Papers.
Essential Skillset/Experience:
- The ability to understand, apply, and improve elements of the Vulnerability Management Lifecycle.
- The ability to use multiple toolsets to convey information, obtain data, and make it meaningful to future plans.
- Lateral thinking and creative form to deploy expertise in the uplift of people skills, process identifications, and technological adjustments.
- The ability to recognise threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in HSBC. Multiple functions will come together to ensure the safety of the bank and the ability to continue business under any circumstances.
- Ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
- Understanding and experience in the practical application and execution of:
  - Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms).
  - Vulnerability assessments, scoring and ratings and how they are applied.
  - Patch Management.
  - Business and architectural design, including controls analysis, process flows and data flows.
- Excellent organisational, administrative, analytical, and problem-solving skills with the ability to work accurately and methodically whilst under pressure to meet deadlines.
- Instinctive and creative, with an ability to create and contribute to bespoke solutions.
The role will be based in Sheffield.
Come Power a Business that Defines How to Power the World
HSBC is committed to being an inclusive employer and providing an inclusive and accessible recruitment process for all. We will provide reasonable adjustments to remove any disadvantage to you being considered for this role. We are proud members of the Disability Confident Scheme, and will offer an interview to disabled candidates who meet the minimum criteria for the role. If you would like to receive any information in a different way or would like us to do anything differently to help you apply for our roles, please contact our Recruitment Helpdesk:
Email: [email protected]
Telephone: +44 2078328500.
 
								 
								 
								