Head of Network Enforcement Points - Sheffield, United Kingdom - HSBC

HSBC

Verified Company

Sheffield, United Kingdom

3 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Job description

Head of Network Enforcement Points
Join a digital first bank that's powered by people.

Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.

In our cybersecurity team you'll be helping to safeguard the financial system on which millions of people depend.
You'll be making banking more secure by designing, implementing, and operating controls to manage cybersecurity risk.

You'll help define HSBC Group cyber security standards, deliver Global Security Operations ad Threat management services, provide round-the-clock monitoring and security incident response services, and oversee Network/Application/Infrastructure Security.

The work you do will provid3e assurance of the adequacy and effectiveness of security controls to Business Risk Owners.
Global Defense Engineering is responsible for fielding solutions that help defend HSBC against a wide range of threats to the
business as well as its customers, clients, partners, and staff. The team works in concert, with partner teams across HSBC,
to implement novel defensive capabilities that are effective and adaptable against a constantly evolving threat landscape.

The function operates under the vision:
"Enabling HSBC to be safely successful everywhere the Firm chooses to do business"
Global Defense Engineering is comprised of several inter-joined teams; Technical Director Office, Service Reliability &
Engineering, and Global Defence Service Delivery. Together, the function enables an adaptive and constantly evolving
capacity to address risks borne through an ever-shifting threat landscape. The function serves as an engine for innovation
and problem solving with partner teams across the Firm who share a common imperative to be the best for our customers
and drive the Global HSBC Purpose of "Opening up a world of opportunity".

As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package.

This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.

In this role you will:

Network Enforcement Point Capabilities (NEP) are key to securing HSBC networks wherever they are deployed.
NEP Capability owner will be responsible for all aspects of NEPs throughout their entire lifecycle, including the below:
Capability Engineering, Service Delivery, Operations, Control Ownership Activities Strategy, Capability Roadmaps, 2LOD Engagements & Capability Architecture
Defines & delivers vision, strategy & roadmap of the Capability.
Prioritises teams' backlogs based on objectives & value released to identify what teams work on next.
Lead definition of scope and prioritisation of user stories to be developed in teams, including acceptance criteria/definition of done.
Leads vendor relationships with owned technologies.
Interacts with stakeholders across the organisation to understand their security needs and expectations.
Evaluate and adoption of new technologies and practices which may impact the control environment.
Monitors & communicates progress of capability performance through agreed KPIs and metrics
Runs a Pod per L2 capability with Architecture, Engineering, Service Delivery, Control Owner, Program Manager and Product

Requirements
To be successful in this role you should meet the following requirements:

Demonstrated leadership experience with large, complex programmes, and deeply technical, global, expert teams.
A background in information systems, technology, architecture, design, and service delivery of defenseindepth capabilities.
Strong stakeholder management skills, with experience of understanding and meeting the needs of multiple stakeholders.
An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily understood, authoritative

and actionable manner.

Proven ability to collaborate across industry, academia and government to solve complex cybersecurity problems.
Excellent understanding of cybersecurity principles, global financial services business models, as well as regional compliance standards,

relevant local regulations, and applicable laws.

Experienced in owning a capability, technology or platform together with the responsibilities associated with running a team of up to 20

individuals

Understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including OWASP,

ISO2700x series, PCI DSS, GLBA, GDPR, Global data security and privacy acts, FFIEC guidelines, CIS and NIST standards.

Experience working within Cloud, SaaS and emerging cloud usecases for web/mobile and enterprise companies
Background with cloud technologies including Amazon Web Services and/or Google C