Lead Analyst/Cybersecurity/Hyderabad : 0000J449

Job Description

Job description The health and safety of our employees and candidates is very important to us. Due to the current situation related to the Novel Coronavirus (2019-nCoV), were leveraging our digital capabilities to ensure we can continue to recruit top talent at the HSBC Group. As your application progresses, you may be asked to use one of our digital tools to help you through your recruitment journey. If so, one of our Resourcing colleagues will explain how our video-interviewing technology will be used throughout the recruitment process and will be on hand to answer any questions you might have.Some careers shine brighter than others.If youre looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.We are currently seeking an experienced professional to join our team in the role of Lead AnalystIn this role, you will:

• Responding to alerts from across the entire global HSBC technology and information estate to quickly detect harmful behaviours and events, containing, mitigating, and remediating minor incidents and in coordination with the Cybersecurity Incident Management and Response Team, effectively containing, mitigating, and remediating more serious events.
• Supporting cyber security incidents through to eradication and feed into the Post Incident Review process that delivers detailed analysis on the root cause of incidents investigated and produces findings and recommendations that support control adjustments to better protect the bank.
• Identifying, developing, and implementing new detections (Use cases) and mitigations (Playbooks) across the security platforms.
• Reviewing and approving new Use Cases and Playbooks created by Cybersecurity colleagues.
• Continuously reviewing the effectiveness of analysis playbooks, processes, and tooling.
• Communicating new use cases (go-live, demise, tuning), to the cybersecurity operations teams, supporting the Cybersecurity Operations Manager in ensuring all teams are prepared to take on the additional workload and have sufficient tools, training, and capability to do so effectively.
• Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents.
• Applying structured analytical methodologies to maximise threat intelligence growth and service efficacy.
• Supporting the Crew Leads during shift handovers, ensuring all team members are ready to manage ongoing incidents.
• Supporting the triage of potentially malicious events to determine severity and criticality of the event.
• Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
• Train, develop, mentor, and inspire cybersecurity colleagues in area(s) of specialism.
• Collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.
• Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources.
• Promote a self-critical and continuous assessment and improvement culture whereby identification of weaknesses in the banks control plane (people, process, and technology) are brought to light and addressed in an effective and timely manner.

Requirements To be successful in this role, you should meet the following requirements:

• 5+ years of technical experience in IT or IT Security, for example as a network or operating system administrator.
• Expert level knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM), EDR, Email Protection, Case Management & other cyber security tools.
• Expert level knowledge and demonstrated experience of common cybersecurity technologies such as IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc.
• Good knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure, and Google.
• Good knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc.
• Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suits.
• Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
• Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards
• Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation, and remediation.
• Formal education and advanced degree in Computer Science or similar and/or commensurate demonstrated work experience in the same.
• CEH, EnCE, SANS GSEC, GCIH, GCIA CISSP or any similar Certifications.

Youll achieve more when you join HSBC.www.hsbc.com/careersHSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.Issued by - HSBC Software Development India

Keyskills :
Pci DssIpsecProxiesTcpUDPHipsDnsHttpIpsIncident ResponseDHCPOwaspIdsFirewallsprogrammingScriptingGLBAISO2700x seriesMssEU data security and privacy actsNIST standardsFFIEC guidelinesAdvanced Anti-malware prevention and analysis