Join a digital-first bank that’s powered by people.
Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.
In our cybersecurity team, you’ll help safeguard the financial system on which millions depend. Your role involves designing, implementing, and operating controls to manage cybersecurity risks, defining HSBC Group cybersecurity standards, delivering Global Security Operations and Threat Management services, providing 24/7 monitoring and incident response, and overseeing Network, Application, and Infrastructure Security. Your work will assure the effectiveness of security controls for Business Risk Owners.
Offensive Security offers an independent challenge to HSBC’s cybersecurity posture by simulating real-world attacks to identify vulnerabilities across people, processes, and technology, enabling proactive risk management.
The Security Research team within Global Offensive Security specializes in assessing system security, identifying unknown vulnerabilities, and developing new attack techniques.
As an HSBC employee in the UK, you will access tailored professional development, competitive pay, private healthcare, enhanced maternity and adoption benefits, and a contributory pension scheme.
In this role, you will:
1. Deliver security research projects focused on HSBC’s critical services, ensuring controls do not expose the bank to significant risk.
2. Identify previously unknown vulnerabilities and attack techniques.
3. Work with stakeholders to proactively reduce cybersecurity risks and improve HSBC’s security posture within the risk appetite.
4. Provide expertise and guidance to global business and functions.
5. Engage with critical bank programs and understand the financial services security landscape.
6. Collaborate with diverse stakeholders, including Business, Cybersecurity leads, and Control Owners.
7. Drive performance, compliance, and security excellence.
8. Develop tools and automate security assessment processes.
9. Engage with Cybersecurity Technology, Operations, and Architecture teams.
10. Build strong team relationships across HSBC and its global functions.
11. Establish and maintain operational controls within tools and systems.
12. Identify new project opportunities and demonstrate innovative thinking.
13. Maintain excellent relationships with clients and stakeholders, demonstrating sensitivity and understanding.
14. Analyze the evolving security threat landscape and apply innovative security solutions.
Minimum requirements:
* Experience in penetration testing
* Experience with 0-day discovery and vulnerability disclosure
* Understanding of Linux, Windows, Android, and iOS operating systems
* Experience in third-party vulnerability disclosure
* Experience with black-box security review techniques, including fuzzing and reverse engineering
This role is based in Sheffield.
HSBC is committed to diversity and inclusion, offering accessible careers and support for candidates with disabilities or neurodivergence during recruitment. For accommodations, contact our Recruitment Helpdesk via email at hsbc.recruitment@hsbc or call +44 207 832 8500.
#J-18808-Ljbffr