Cybersecurity Principal Engineer

Job Description - Cybersecurity Principal Engineer (0000EX0R)

Job Description

Cybersecurity Principal Engineer : 0000EX0R

Description

At HSBC, the health and well-being of our employees remains of utmost importance. Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice.

Cybersecurity Science and Analytics empowers Cybersecurity in protecting the bank by leveraging data and innovative capabilities to create effective and proactive security measures, as well as enabling data driven business decisions. The CS&A mission is critical to the protection of HSBC customers, the HSBC brand, HSBC information, financial assets and ultimately shareholder value, through ensuring HSBC remains a market leader in protecting our customers and assets.

This highly skilled and specialized team maintain subject matter expertise across a range of relevant topics, stays abreast of the latest adversary tactics, techniques and methodologies, and maintains the domain knowledge of advanced cyber security techniques and procedures. This knowledge base is maintained through close partnerships across HSBC and global engagements with industry, academia, and government.

Cybersecurity Science and Analytics (CS&A) is made up of four core towers, whos functions are to; move data, ensure it is in the right structure, automate processes, design infrastructure and keep the systems functioning (Data Engineering); manage the analytic engines and develop capabilities that generate knowledge (Analytic Engines); prove concepts and methods, while also solving the tactical challenges presented to the organization (Advanced Projects) and; develop the analytics methods (Artificial Intelligence).

The Principal Data Engineer will operate as the lead for the Mexico branch under the Data Engineering tower and is accountable for:

• Developing and maintaining a highly skilled and effective team of data engineers and Service Reliability Engineers (SREs)
• Implementing the strategic and tactical data engineering and infrastructure requirements for the HSBC Cybersecurity Sciences and Analytics Office
• Drive four mission areas:

o Design and implement the infrastructure required for performing the analytic and science mission

o Enable the optimal transfer of large datasets and information

o Optimize analytic processes through scheme design and data structuring

o Enable and drive automation throughout the sciences and analytic mission areas

• Driving strategic capabilities. Creating innovative data driven capabilities and prototypes that push the bounds of computer security analytics
• Prototyping and push to production HSBC analytic infrastructure capabilities, leveraging the global HSBC footprint and datasets, as well as external datasets, in a Cloud Environment
• Working across Cybersecurity Sciences and Analytics to ensure a collaborative environment
• Participation in and support of external offensive engagements with industry partners, law enforcement and the wider security community, that projects HSBC expertise in protecting the bank and its customers against systemic threats.
• Supporting the development of a self-critical culture, whereby identification of weaknesses in the banks control plane (people, process and technology), are brought to light in an effective manner, and addressed through performing strategic assessments that analyze the processes, techniques and procedures across the HSBC mission areas.
• Participation in special projects on behalf of HSBC and CS&A leadership.

• Supports the development of the Cybersecurity Science and Analytics function, engaging with colleagues across Cybersecurity and other IT functions to drive and deliver sustainable operational plans in line with department strategy.
• Leads and facilitates change through clear strategy, operational planning and effective communication and stakeholder management.
• Drives business performance, clear thinking and utilises experience whilst under pressure.
• Delivers sustainable business outcomes.
  • Responsible for building effective technology and process control capability that is continuously re-factoring to meet evolving security and compliance needs
  • Works closely with peers and business leads to build and implement controls in alignment with risk-posture, architectural constraints, company strategic direction and industry trends and best practices.
• Drives delivery of the highest standards and outcomes, inspiring others to do the same. Focuses on medium and long term goals even when under pressure or facing uncertainty. Manages expectations, results and impact of agreed outcomes, thinking ahead to identify and overcome potential issues.
• Strategically drives innovation to gain competitive advantage, taking calculated, entrepreneurial risks to achieve business outcomes. Generates an environment in which innovation is seamlessly embedded into working practices.

• Leads a customer-focused and collaborative culture by championing customer and stake-holder engagement throughout the team.
• Demonstrates an understanding of customer and stakeholder requirements by providing specialist input and knowledge and having a detailed understanding of the different short and long term shifts in business/function patterns of activity and demand.
• Understands and interprets developments and changes in future business requirement and ensures the appropriate reaction and response through discourse and the implementation of relevant, security focused, technical and procedural solutions.
• Strengthens stakeholder relationships and enhances key relationships using rapport-building expertise and appropriate influencing skills to add and increase stakeholder advocacy. Key relationships to include Functional heads across the other HOST functions and external account managers for third party suppliers and vendors, along with other regional counterparts across the globe, Cultivate strong relationships with organisationally important global and/or high value stakeholders with a tailored approach.

• Supports the development of the Cybersecurity Science & Analytics Team, making sustainable decisions that protects and enhances HSBCs values, reputation and stakeholder value.
• Actively encourages a learning culture, encouraging collaboration and cross-functional working to develop and nurture teams and identify talent.
• Authentically engages a diverse group of stakeholders internally and externally to influence the achievement of best outcomes for all stakeholders.
• Builds rapport and mutual understanding to communicate and create opportunities for cross-business and/or international working, encouraging debate and open discussion. Encourages people to build sustainable relationships beyond transactional levels and use empathy and insight to build better understanding of mutual benefits.
• Advanced coach / mentor contributes to the establishment of good coaching and mentoring practices. Demonstrates alternative techniques for diagnosing and coaching individuals and teams.

• Governs risk responsibly. Promotes ethical management of risk across regions and business areas within their area of responsibility.
• Communicates changes in policy and governance effectively, reinforcing risk processes within their area of responsibility.
• Builds and sustains a risk aware culture. Shows integrity whilst promoting and managing relevant monitoring and reporting requirements within their area of responsibility.
• Embeds efficient risk and compliance processes and procedures into business as usual practices.
• Builds collaborative relationships, defines and articulates to stakeholders the targeted benefits for a change intervention.
• Demonstrates effective financial skills to develop a detailed business case, including investments, detailed benefits (financial, non-financial and strategic) and link to overall finances of the business.
• Identifies and highlights financial implications of risks/issues, involves stakeholders and supports management of budget variation as appropriate.

• The jobholder will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation.
• The jobholder will also continually reassess the IT Security and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology.
• This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department.

• Maintains HSBC internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.
• The jobholder will also adhere to and be able to demonstrate adherence to internal controls. This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified IT security risks.
• The jobholder will implement the group compliance policy by containing compliance risk in liaison with Global Head of Compliance, Global Compliance Officer, Area Compliance Officer or Local Compliance Officer. The term compliance embraces all relevant financial services laws, rules and codes with which the business has to comply.
• This will be achieved by adhering to all relevant processes/procedures and by liaising with compliance department about new business initiatives at the earliest opportunity. Also and when applicable, by ensuring adequate resources.

Skills

• A strong background in data engineering and/or Site Reliability Engineering
• Experience in deploying complex cloud based infrastructure
• Understanding in applying data engineering methods to the cyber security domain
• Experience in PMP/Prince2, SCRUM, and Kanban program management methods
• Excellent understanding of cyber security principles, global financial services business models, regional compliance regulations and applicable laws.
• Excellent understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, ISO2700x series, PCI DSS, GLBA, Global data security and privacy acts, FFIEC guidelines, CIS, and NIST standards.
• An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative and actionable manner.
• Ability to orchestrate, manage and successfully implement major procedural and technological change within a complex, global organization.

• Experience in data engineering methods to include optimizing data for data science, i.e. machine learning (ML), Satisfiability modulo theories (SMT), and graph analysis methods
• Experience in infrastructure automation for customer and cloud native tooling. Any cloud stack is acceptable but experience in Azure is preferred
• Advanced understanding of data transport, data pipelining, data cleaning, and data quality methods
• Advanced level knowledge and demonstrated experience in developing and deploying real-time analysis capability of large scale and often diverse data sets, that enable more effective, efficient and coordinated defence capabilities
• Experience interfacing with technology teams to bring lab concepts to market within an organisation and building effective operational models to ensure capabilities are able to be fully utilised and grow to meet the needs of the team
• Strong working knowledge in the thought process, methodologies, and techniques used by advanced criminal and nation state adversaries spanning multiple aspects of the security domain

Industry Experience and Qualifications

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:

• 5+ years of experience leading teams of data engineering and/or SRE subject matter experts
• Bachelors or Masters in computer science, engineering, or IT

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Job Field

Primary Location

Other Locations

Didn't find what you're looking for? Search again!

• Let jersey city recruiters find you. Post your resume for free!
• Get jersey city Other jobs via email.


• View more Jersey City Other jobs