Senior Red Teamer - London, United Kingdom - HSBC

HSBC

Verified Company

London, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Job description

Senior Red Teamer
Join a digital first bank that's powered by people.

Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.

In our cybersecurity team you'll be helping to safeguard the financial system on which millions of people depend.
You'll be making banking more secure by designing, implementing, and operating controls to manage cybersecurity risk.

You'll help define HSBC Group cyber security standards, deliver Global Security Operations ad Threat management services, provide round-the-clock monitoring and security incident response services, and oversee Network/Application/Infrastructure Security.

The work you do will provid3e assurance of the adequacy and effectiveness of security controls to Business Risk Owners.

The Red Team, within the Global Cybersecurity Research & Offensive Security (CROS) function, conducts targeted assessments against critical areas of the Bank, designed to simulate real-world attacks; focusing on people, process and technology.

The role holder will be responsible for managing and executing threat intelligence led Red Team engagements and leading a team of highly skilled red teamers.

Additionally, the role holder will be responsible for managing stakeholders (including regulators) to clearly scope Red Team engagements, define objectives and direct a delivery approach that minimizes operational risk.

As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package.

This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.

In this role you will:

Responsible for managing and executing threat intelligence led Red Team engagements.
Leading a team of highly skilled red teamers.
Responsible for managing stakeholders (including regulators) to clearly scope Red Team engagements, define objectives and direct a delivery approach that minimizes operational risk.
Support growth and engage with a diverse set of stakeholders in order to achieve CROS objectives, including Business and Functions, Cybersecurity leads, Head of Cybersecurity functions, Control Owners and Regulators
Provide oversight and control over third party Threatled Penetration Tests in line with the varied regional regulatory requirements and the organizations risk appetite

Requirements
To be successful in this role you should meet the following requirements:

Demonstrated experience in meeting red team regulatory requirements.
Understanding of TLPT Frameworks such as CBEST, iCast, TIBER, CORIE, AASE
Demonstrable experience in vulnerability identification and exploitation.
Knowledge of malware packing, obfuscation, persistence, exfiltration techniques
Knowledge on bypassing security controls such as DLP, Endpoint Protection, Firewalls, IDS/IPS and Web Proxies.

This role is based in London.
Opening up a world of opportunity
Being open to different points of view is important for our business and the communities we serve. At HSBC, we're dedicated to creating diverse and inclusive workplaces. Our recruitment processes are accessible to everyone - no matter their gender, ethnicity, disability, religion, sexual orientation, or age.
We take pride in being part of the Disability Confident Scheme.

This helps make sure you can be interviewed fairly if you have a disability, long term health condition, or are neurodiverse.

If you'd like to