Sr. Associate Director, Cybersecurity Specialist

The Principal SME - Network Security Consultancy is responsible for providing subject matter consultancy, thought leadership and project delivery in relation to Network Security control issues and initiatives.  The holder of the role should have a focus on network security products, solutions, architecture, and best practices, being able to apply those to the real-world challenges faced by HSBC as the organisation seeks to maintain and improve the network security controls required to mitigate network-based threats and risks.

 

This role is part of the Network Security function within the Cybersecurity Technology and Engineering organisation, providing a Cybersecurity security technology controls consultancy service to the wider HSBC organisation.

 

This role supports and is supported by the Head of Network Security Consultancy and the Head of Network Security, with the expectation that the Principal SME - Network Security Consultancy provides technical consultancy and SME knowledge to the engagements and projects assigned to them, taking ownership, and driving to a successful conclusion, and supports more junior team members providing coaching, guidance and leadership as needed, whilst ensuring the Head of Network Security Consultancy and the Head of Network Security are updated on any issues requiring support

Impact on the Business/Function

·       Uses their networking and network security experience and knowledge to review Business and IT projects and provide advice and guidance, ensuring network security control requirements are satisfied.

·       Identifies and drives opportunities to improve network security posture based on an understanding of current control and technology environment.

·       Expert understanding of network security threats and risks, able to identify areas of network security risk and propose solutions.

·       Excellent communication and interpersonal skills, with experience interacting with technical leaders and various layers of management considered a plus.

·       Able to analyse network and cybersecurity data (e.g. system logs) to support decision making and evidence control effectiveness.

·       Ability to build connections and work collaboratively across boundaries.

·       Willingness to continuously learn and share learnings with others.

Ability to coach and guide more junior team members as needed

Quality of Work

·          Ensure a high quality of work and on time delivery by consistently taking responsibility for one's own work, reviewing it against quality standards, and consistently seeking to achieve zero quality errors.

·          Consistently seek to achieve the set quality benchmark and support more junior team members in achieving the same.

·          Seek ways to improve the set quality benchmark.

Support implementation of identified corrective and preventive actions to reslove issues

Customers / Stakeholders

• Develop and maintain relationships within the Cybersecurity Network Security team.
• Develop and maintain relationships with the wider Cybersecurity Global Defence and Cybersecurity Operations teams.

Develop and maintain relationships with other key internal stakeholder groups such as Resilience Risk and Connectivity

Leadership & Teamwork

• Keep abreast with industry standards and best practices for enterprise network security through attending regular training programmes and seminars.
• Collaborate with colleagues both within and outside the team to share best practices.
• Provide leadership and guidance to more junior team members. This may involve formal line management of resources in some circumstances.
• Take the lead on larger, more complex engagements, representing Network Security interests as delegate for team lead.

Demonstrate HSBC’s values and behaviours.

Operational Effectiveness & Control

• Proactively address issues and drive continuous improvement.
• Continually reassess the network security risks inherent in the business taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology.
• Ensure compliance with all Group, GSC, company and department policies and procedures, constantly updating knowledge and understanding of such, raising questions and concerns with team leads or managers as necessary, and taking personal responsibility for abiding as required.
• Ensure that all activities are in accordance with Compliance standards.
• Maintain HSBC internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.

Major Challenges

·       Volume of work and effectively prioritising the multiple requests for support.

·       Ensuring adherence to network security standards and the wider cybersecurity control framework.

·       Challenging the Status Quo / Raising the bar – looking for opportunities to continuously improve network security posture, promoting knowledge sharing and optimisation with the broader Cybersecurity team.

·       The complex systems and stakeholder environment.

·       Need to constructively challenge internal project teams and stakeholders (PMs, other technical SMEs) if required.

·       Working in a geographically dispersed team.

·       Working within a constantly evolving technology landscape with evolving threats and risks.

Working within a strongly regulated business