Requirements: English
Company: HSBC Service Delivery (Polska) Sp. z o.o.
Region: Kraków, Lesser Poland Voivodeship
technologies-expected :
- AWS
- Microsoft Azure
- Google Cloud Platform
about-project :
- Operating within the Cybersecurity function and under the management of the Global Head of Cybersecurity Operations, the Global Cybersecurity Operations (GCO) team provides a coordinated suite of "Network Defence" related services and is responsible for the detection of and response to information and cybersecurity threats across the global HSBC assets and estate.
responsibilities :
- Performing the technical and forensic investigations into cyber security events across the globe, taking responsibility for the timely identification of cyber-threats and, where possible, minimising further risk to HSBC's information assets and services.
- Carrying out post-incident reviews, assessing the effectiveness of controls, detection and response capability and supporting the required improvements with the responsible owners.
- Performing the forensic services for the collection, processing, preservation, analysis, and presentation of evidence in support of vulnerability mitigation and information security incident investigations.
- Maintaining a strong awareness of technology trends and industry best practice, to enable the provision of informed advice and guidance to HSBC Business functions and HSBC IT.
- Collaboration with the wider GCO teams (and wider business/function teams where applicable) in the production and maintenance of efficient and effective incident response playbooks.
- Supporting the identification, development and implementation of new detections (use cases).
- Developing and defining detailed processes and procedures to manage the response to cyber security events.
- Directly contributing to the continued technical enhancement of the security platforms.
- Supporting the continued evolution of incident response and forensic capabilities and processes, including automation and orchestration.
- Training and developing other members of the Incident Management and Response team as well as other members of the Global Cybersecurity Operations function.
- Supporting a "self-critical" culture whereby weaknesses in the bank's control plane (people, process and technology) are identified, brought to light in an effective manner and addressed.
- Production of Management Information related to the CSIRT mission that is appropriate to the target audience, supported by data and experienced analysis enabling informed decisions.
requirements-expected :
- 5+ years of experience in incident response and/or computer forensics.
- Excellent knowledge and demonstrated experience of common cybersecurity technologies such as: IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc.
- Excellent knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suites.
- Excellent knowledge of common enterprise technology infrastructure, platforms and tooling, including: Windows, Linux, infrastructure management and networking hardware.
- Excellent knowledge and demonstrated experience in common cybersecurity incident response and forensic investigation tools such as: EnCase, FTK, Sleuthkit, Kali Linux, IDA Pro, DEFT, SANS SIFT, etc.
- Very good knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools, use of Big Data and Cloud-based solutions for the collection and real-time analysis of security information.
- Good knowledge of common mobile platforms, such as Blackberry, iOS, Android and Windows.
- Some knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google.
offered :
- Competitive salary.
- Annual performance-based bonus.
- Additional bonuses for recognition awards.
- Multisport card.
- Private medical care.
- Life insurance.
- One-time reimbursement of home office set-up (up to 800 PLN).
- Corporate parties & events.
- CSR initiatives.
- Nursery discounts.
- Financial support with trainings and education.
- Social fund.
- Flexible working hours.
- Free parking (Cracow office).
benefits :
- sharing the costs of sports activities
- private medical care
- sharing the costs of professional training & courses
- life insurance
- remote work opportunities
- flexible working time
- integration events
- corporate sports team
- doctor's duty hours in the office
- retirement pension plan
- corporate library
- no dress code
- coffee / tea
- parking space for e