Cybersecurity Principal Engineer
Company: CTI Education Group
Location: jersey city
Posted on: May 3, 2021
Job Description - Cybersecurity Principal Engineer
Cybersecurity Principal Engineer : 0000EX0R
At HSBC, the health and well-being of our employees remains of
utmost importance. Many of our roles are permitted to work from
home (in states in which HSBC is licensed to operate) until further
Cybersecurity Science and Analytics empowers Cybersecurity in
protecting the bank by leveraging data and innovative capabilities
to create effective and proactive security measures, as well as
enabling data driven business decisions. The CS&A mission is
critical to the protection of HSBC customers, the HSBC brand, HSBC
information, financial assets and ultimately shareholder value,
through ensuring HSBC remains a market leader in protecting our
customers and assets.
This highly skilled and specialized team maintain subject matter
expertise across a range of relevant topics, stays abreast of the
latest adversary tactics, techniques and methodologies, and
maintains the domain knowledge of advanced cyber security
techniques and procedures. This knowledge base is maintained
through close partnerships across HSBC and global engagements with
industry, academia, and government.
Cybersecurity Science and Analytics (CS&A) is made up of
four core towers, whos functions are to; move data, ensure it is in
the right structure, automate processes, design infrastructure and
keep the systems functioning (Data Engineering); manage the
analytic engines and develop capabilities that generate knowledge
(Analytic Engines); prove concepts and methods, while also solving
the tactical challenges presented to the organization (Advanced
Projects) and; develop the analytics methods (Artificial
The Principal Data Engineer will operate as the lead for the
Mexico branch under the Data Engineering tower and is accountable
- Developing and maintaining a highly skilled and effective team
of data engineers and Service Reliability Engineers (SREs)
- Implementing the strategic and tactical data engineering and
infrastructure requirements for the HSBC Cybersecurity Sciences and
- Drive four mission areas:
o Design and implement the infrastructure required for
performing the analytic and science mission
o Enable the optimal transfer of large datasets and
o Optimize analytic processes through scheme design and data
o Enable and drive automation throughout the sciences and
analytic mission areas
Impact on the Business
- Driving strategic capabilities. Creating innovative data driven
capabilities and prototypes that push the bounds of computer
- Prototyping and push to production HSBC analytic infrastructure
capabilities, leveraging the global HSBC footprint and datasets, as
well as external datasets, in a Cloud Environment
- Working across Cybersecurity Sciences and Analytics to ensure a
- Participation in and support of external offensive engagements
with industry partners, law enforcement and the wider security
community, that projects HSBC expertise in protecting the bank and
its customers against systemic threats.
- Supporting the development of a self-critical culture, whereby
identification of weaknesses in the banks control plane (people,
process and technology), are brought to light in an effective
manner, and addressed through performing strategic assessments that
analyze the processes, techniques and procedures across the HSBC
- Participation in special projects on behalf of HSBC and
Customers / Stakeholders
- Supports the development of the Cybersecurity Science and
Analytics function, engaging with colleagues across Cybersecurity
and other IT functions to drive and deliver sustainable operational
plans in line with department strategy.
- Leads and facilitates change through clear strategy,
operational planning and effective communication and stakeholder
- Drives business performance, clear thinking and utilises
experience whilst under pressure.
- Delivers sustainable business outcomes.
- Responsible for building effective technology and process
control capability that is continuously re-factoring to meet
evolving security and compliance needs
- Works closely with peers and business leads to build and
implement controls in alignment with risk-posture, architectural
constraints, company strategic direction and industry trends and
- Drives delivery of the highest standards and outcomes,
inspiring others to do the same. Focuses on medium and long term
goals even when under pressure or facing uncertainty. Manages
expectations, results and impact of agreed outcomes, thinking ahead
to identify and overcome potential issues.
- Strategically drives innovation to gain competitive advantage,
taking calculated, entrepreneurial risks to achieve business
outcomes. Generates an environment in which innovation is
seamlessly embedded into working practices.
Leadership & Teamwork
- Leads a customer-focused and collaborative culture by
championing customer and stake-holder engagement throughout the
- Demonstrates an understanding of customer and stakeholder
requirements by providing specialist input and knowledge and having
a detailed understanding of the different short and long term
shifts in business/function patterns of activity and demand.
- Understands and interprets developments and changes in future
business requirement and ensures the appropriate reaction and
response through discourse and the implementation of relevant,
security focused, technical and procedural solutions.
- Strengthens stakeholder relationships and enhances key
relationships using rapport-building expertise and appropriate
influencing skills to add and increase stakeholder advocacy. Key
relationships to include Functional heads across the other HOST
functions and external account managers for third party suppliers
and vendors, along with other regional counterparts across the
globe, Cultivate strong relationships with organisationally
important global and/or high value stakeholders with a tailored
Operational Effectiveness & Control
- Supports the development of the Cybersecurity Science &
Analytics Team, making sustainable decisions that protects and
enhances HSBCs values, reputation and stakeholder value.
- Actively encourages a learning culture, encouraging
collaboration and cross-functional working to develop and nurture
teams and identify talent.
- Authentically engages a diverse group of stakeholders
internally and externally to influence the achievement of best
outcomes for all stakeholders.
- Builds rapport and mutual understanding to communicate and
create opportunities for cross-business and/or international
working, encouraging debate and open discussion. Encourages people
to build sustainable relationships beyond transactional levels and
use empathy and insight to build better understanding of mutual
- Advanced coach / mentor contributes to the establishment of
good coaching and mentoring practices. Demonstrates alternative
techniques for diagnosing and coaching individuals and teams.
Management of Risk
- Governs risk responsibly. Promotes ethical management of risk
across regions and business areas within their area of
- Communicates changes in policy and governance effectively,
reinforcing risk processes within their area of
- Builds and sustains a risk aware culture. Shows integrity
whilst promoting and managing relevant monitoring and reporting
requirements within their area of responsibility.
- Embeds efficient risk and compliance processes and procedures
into business as usual practices.
- Builds collaborative relationships, defines and articulates to
stakeholders the targeted benefits for a change intervention.
- Demonstrates effective financial skills to develop a detailed
business case, including investments, detailed benefits (financial,
non-financial and strategic) and link to overall finances of the
- Identifies and highlights financial implications of
risks/issues, involves stakeholders and supports management of
budget variation as appropriate.
Observation of Internal Controls
- The jobholder will ensure the fair treatment (service
excellence) of our customers is at the heart of everything we do,
both personally and as an organisation.
- The jobholder will also continually reassess the IT Security
and operational risks associated with the role and inherent in the
business, taking account of changing economic or market conditions,
legal and regulatory requirements, operating procedures and
practices, management restructurings, and the impact of new
- This will be achieved by ensuring all actions take account of
the likelihood of operational risk occurring. Also by addressing
any areas of concern in conjunction with entity management and/or
the appropriate department.
- Maintains HSBC internal control standards, including timely
implementation of internal and external audit points together with
any issues raised by external regulators.
- The jobholder will also adhere to and be able to demonstrate
adherence to internal controls. This will be achieved by adherence
to all relevant procedures, keeping appropriate records and, where
appropriate, by driving the timely implementation of internal and
external audit points, including issues raised by external
regulators, and internally identified IT security risks.
- The jobholder will implement the group compliance policy by
containing compliance risk in liaison with Global Head of
Compliance, Global Compliance Officer, Area Compliance Officer or
Local Compliance Officer. The term compliance embraces all relevant
financial services laws, rules and codes with which the business
has to comply.
- This will be achieved by adhering to all relevant
processes/procedures and by liaising with compliance department
about new business initiatives at the earliest opportunity. Also
and when applicable, by ensuring adequate resources.
- A strong background in data engineering and/or Site Reliability
- Experience in deploying complex cloud based infrastructure
- Understanding in applying data engineering methods to the cyber
- Experience in PMP/Prince2, SCRUM, and Kanban program management
- Excellent understanding of cyber security principles, global
financial services business models, regional compliance regulations
and applicable laws.
- Excellent understanding and knowledge of common industry cyber
security frameworks, standards and methodologies, including; OWASP,
ISO2700x series, PCI DSS, GLBA, Global data security and privacy
acts, FFIEC guidelines, CIS, and NIST standards.
- An ability to communicate complex and technical issues to
diverse audiences, orally and in writing, in an easily-understood,
authoritative and actionable manner.
- Ability to orchestrate, manage and successfully implement major
procedural and technological change within a complex, global
- Experience in data engineering methods to include optimizing
data for data science, i.e. machine learning (ML), Satisfiability
modulo theories (SMT), and graph analysis methods
- Experience in infrastructure automation for customer and cloud
native tooling. Any cloud stack is acceptable but experience in
Azure is preferred
- Advanced understanding of data transport, data pipelining, data
cleaning, and data quality methods
- Advanced level knowledge and demonstrated experience in
developing and deploying real-time analysis capability of large
scale and often diverse data sets, that enable more effective,
efficient and coordinated defence capabilities
- Experience interfacing with technology teams to bring lab
concepts to market within an organisation and building effective
operational models to ensure capabilities are able to be fully
utilised and grow to meet the needs of the team
- Strong working knowledge in the thought process, methodologies,
and techniques used by advanced criminal and nation state
adversaries spanning multiple aspects of the security domain
Industry Experience and Qualifications
Candidates will be evaluated primarily upon their ability to
demonstrate the competencies required to be successful in the role,
as described above. For reference, the typical work experience and
educational background of candidates in this role are as
- 5+ years of experience leading teams of data engineering and/or
SRE subject matter experts
- Bachelors or Masters in computer science, engineering, or
All qualified applicants will receive consideration for
employment without regard to race, color, religion, sex, sexual
orientation, gender identity, national origin, disability, or
status as a protected veteran.
: North America-United States-New Jersey-Jersey City
Keywords: CTI Education Group, Jersey City , Cybersecurity Principal Engineer, Other , jersey city, New Jersey
Didn't find what you're looking for? Search again!