MyPage is a personalized page based on your interests.The page is customized to help you to find content that matters you the most.

I'm not curious

Senior Information Security Risk Analyst/Cybersecurity

Location Hyderabad, India
Posted 11-March-2021
The health and safety of our employees and candidates is very important to us. Due to the current situation related to the Novel Coronavirus (2019-nCoV), were leveraging our digital capabilities to ensure we can continue to recruit top talent at the HSBC Group. As your application progresses, you may be asked to use one of our digital tools to help you through your recruitment journey. If so, one of our Resourcing colleagues will explain how our video-interviewing technology will be used throughout the recruitment process and will be on hand to answer any questions you might have.

Some careers have more impact than others.

If youre looking for a career where you can make a real impression, join HSBC and discover how valued youll be.

HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of Senior SOC Analyst.

Principal responsibilities/Job Intro/ Role Context/ Detailed

Cybersecurity Monitoring and Threat Detection Team are charged with efficiently and effectively monitoring the HSBC global technology and information estate 24x7. The teams mission is to detect the presence of any adversary within the estate, quickly analyse the severity and scope of the issue and work with the Cybersecurity Incident Management and Response Team to contain, mitigate and remediate the incursion. In addition, the team is responsible for constantly improving its detection capability through attack analysis and ensuring that the appropriate security event information is being fed into the team and that the alerting rules are tuned for maximum effectiveness.
Analysts are responsible for monitoring multiple HSBC networks simultaneously using the latest threat detection technologies to detect, analyse and respond to cyber security incidents. The Analyst will follow detailed processes and procedures to identify and analyse these incidents, escalating to and supporting more senior analysts based on the severity and potential impact of the incident.
Monitoring the entire global HSBC technology and information estate for new attacks and log them to appropriate systems.
Triaging potentially malicious events to determine severity and criticality of the event.
Responding to alerts from the various monitoring/detection systems and platforms within defined SLAs.
Supporting cyber security incidents through to eradication and feedback lessons learned, in to improved cyber resilience.
Analysing network traffic using a variety of analysis tools.
Monitoring security appliance health and perform basic troubleshooting of security devices; notify security engineering as necessary for malfunctioning equipment.
Analysing malicious artefacts obtained from network monitoring with a focus on generation of threat intelligence and service improvement.
Identifying and developing new ideas to enhance our detection capability (Use cases) and mitigations (Playbooks) across the security platforms.
Reviewing and validating new Use Cases and Playbooks created by Cybersecurity colleagues.
Researching emerging threats and vulnerabilities to aid in the identification of cyber incidents.
Applying structured analytical methodologies to maximise threat intelligence growth and service efficacy.
Supporting handovers to other teams and countries at the start and end of the working shift.
Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
Training, developing and mentoring colleagues in area(s) of specialism.
Collaborating with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.
Identifying processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources.
Promoting a self-critical and continuous assessment and improvement culture whereby identification of weaknesses in the banks control plane (people, process and technology) are brought to light and addressed in an effective and timely manner.
Supporting engagement in support of HSBC Global Businesses and Functions to drive a global up-lift in cyber-security awareness and help to evangelise HSBC Cybersecurity efforts and success.
Experience analysing logs for indicators of compromise, collected from various network monitoring devices such as firewalls, IDS/IPS, web proxies, email filters, etc.
Excellent knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools, use of Big Data and Cloud-based solution for the collection and real-time analysis of security information.
Good knowledge and demonstrated experience of common cybersecurity technologies such as; IDS / IPS / HIPS, Advanced Anti-malware prevention and analysis, Firewalls, Proxies, MSS, etc.
Good knowledge and demonstrated experience of common operating systems and platforms to include Windows, Linux, UNIX, Oracle, Citrix, GSX Server, iOS, OSX, etc.
Good knowledge of common network protocols such as TCP, UDP, DNS, DHCP, IPSEC, HTTP, etc. and network protocol analysis suites.
Good knowledge and demonstrated experience in incident response tools, techniques and process for effective threat containment, mitigation and remediation.
Good knowledge of key information risk management and security related standards including OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines and NIST standards
Functional knowledge of scripting, programming and/or development of bespoke tooling or solutions to solve unique problems.
Functional knowledge and technical experience of 3rd party cloud computing platforms such as AWS, Azure and Google.
Basic knowledge and demonstrated experience in common cybersecurity incident response and forensic investigation tools such as: EnCase, FTK, Sleuthkit, Kali Linux, IDA Pro, etc.


Requirements/ Knowledge, Experience & Qualifications.

Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
3years of experience in similar cyber security analyst role
Experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector
Industry recognised cyber security related certifications including; CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP
Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.
Candidate with less relevant experience or skills may be offered a lower Global Career Band than stated above.
Min 3 to 6 Years.

Awards & Accolades for MyTechLogy
Winner of
Top 100 Asia
Finalist at SiTF Awards 2014 under the category Best Social & Community Product
Finalist at HR Vendor of the Year 2015 Awards under the category Best Learning Management System
Finalist at HR Vendor of the Year 2015 Awards under the category Best Talent Management Software
Hidden Image Url