Job Description

Join a digital first bank thatxe2x80x99s powered by people.Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.We have an entrepreneurial mindset. Our people work together, creating an agile, collaborative, and innovative culture. Youxe2x80x99ll learn and expand your skills, plus we will support you every step of the way as you grow your career.The Managed File Transmission Team is responsible for managing file transfers for both internal and external customers of HSBC via the shared file gateways on a variety of different platforms, products, technology and standards supporting file transfers across the HSBC Group for all lines of businesses.The team supports several technologies that provide highly reliable, resilient and secure services. The team is responsible for all aspects of the project lifecycle ensuring that bank policies, guidelines, governance and standards are defined where necessary and followed. Team members are also expected to explore new process and procedure and continually seek improvement of themselves and the File Transmissions Domain globally by closely working with the MFT Engineering Team.The role will work with senior leaders to deliver on complex, enterprise-level initiatives that are a part of the bank's overall strategic direction. The Technical Leader will play an integral role in defining and developing the MFT Security Policy, and to ensure compliance against all other related HSBC Security Policies and Standards. The role will help grow effective partnership with HSBC Cybersecurity team to understand and respond to the Cyber threat landscapeAs an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.In this role you will:

• Develop security policies, procedures and plans to ensure robust governance
• Act as MFT security authority, advising MFT technology teams
• Evaluate risk at the technical and system process levels by assessing systems for compliance with established security control frameworks such as CAF, NIS/NIS2, ISO27001,NIST CSF and CIS
• Produce detailed, high quality risk assessments and reports, highlighting security issues, recommending improvements to technical and governance controls, and providing solutions to mitigate identified security risks
• Understand the business and information risk landscape, including common business drivers, cyber security threats, and operation challenges faced by the MFT teams
• Assesses risk at both technical and business process level, effectively communicating findings and recommendations to key stakeholders both verbally and in writing
• Review the effectiveness of existing controls against recognised frameworks and suggests appropriate security enhancements
• Research and analyse security technologies to support the proposition of innovative security solutions for MFT services and technology
• Perform complex risk assessments and threat modelling to support new technologies or design patterns
• Adhere to HSBC policy, procedures and control requirements applicable to day-to-day working, exceptional and project activities, and raise any concerns about actual or potential issues promptly, in line with reporting and escalation procedures.
• Apply policies, procedures, practices and standards to their allocated tasks, taking responsibility for their own actions, to ensure the achievement of high levels of quality, effective risk management and regulatory compliance.

To be successful in this role you should meet the following requirements:

• Experience developing security policies, threat modelling and determining risk
• Strong knowledge of CAF, NIS/NIS2, ISO27001, NIST CSF and CIS and risk assessment methodologies
• Experience with reviewing security standards, controls, and policies and recommending enhancements.
• Good understanding of security testing principles, including experience of vulnerability scanning, identifying, resolving and reporting risks.
• Experience leading and delivering Cybersecurity projects.
• Ability to perform complex risk assessments and threat modelling to support new technologies or design pattern.
• Technical writing experience in relevant areas, including queries, reports, and presentations

This role is based in Sheffield.Opening a world of opportunityBeing open to different points of view is important for our business and the communities we serve. At HSBC, wexe2x80x99re dedicated to creating diverse and inclusive workplaces - no matter their gender, ethnicity, disability, religion, sexual orientation, or age. We are committed to removing barriers and ensuring careers at HSBC are inclusive and accessible for everyone to be at their best. We take pride in being a Disability Confident Leader and will offer an interview to people with disabilities, long term conditions or neurodivergent candidates who meet the minimum criteria for the role.If you have a need that requires accommodations or changes during the recruitment process, please get in touch with our Recruitment Helpdesk:Email:Telephone: +44 207 832 8500

HSBC