Threat Hunter

This inclusive employer is a member of myGwork – the largest global platform for the LGBTQ+ business community.

Job Description

Opening date 25-Apr-2024 Closing date 10-May-2024 Job description

If you're looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you'll be. HSBC is one of the largest banking and financial services organizations the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realis their ambitions.

We are currently seeking an experienced professional to join our team in the role of Cybersecurity Threat Hunter

Sitting within the Monitoring and Threat Detection sub-function, the 'Cybersecurity Threat Hunter' role is primarily charged with proactively searching through the HSBC global estate for evidence of malicious activities in our systems and on our networks and finding ways to illuminate behaviours that have managed to evade current defences. Rather than relying primarily on static indicators and reacting to automatic rules and alerts, the Threat Hunter uses a deep knowledge of internal defences, cyber-security expertise and the latest cyber-threat intelligence to develop hypotheses and anticipate how those attackers will seek to bypass existing controls to continuously improve our cyber-defences.

The Threat Hunter Is Accountable For

• Hunting for malicious or anomalous activity across the enterprise, using the various cybersecurity tools, platforms and capabilities available. Acting in co-ordination with GCO staff to lead the development and implementation of an advanced analysis and search capability focused on identifying potentially sophisticated APT and insider threat activities within the organisation.
• Leveraging a 'cyber intelligence led approach' to researching new and existing threat actors and associated tactics, techniques and procedures (TTPs); developing a detailed understanding of their potential impact to the organisation, providing, developing and implementing recommended solutions for improving our defensive and detective capability.
• Collaboration with Cybersecurity functions, e.g. Red Team, Cyber-threat Intelligence to develop hypotheses for the detection and/or presence of new attack techniques and evasion methods.
• Coordinating threat hunting activities, leveraging intelligence from multiple internal and external sources.
• Reviewing incident and penetration testing reports and corresponding logs, to identify gaps in our detection capability and provide recommendations to improve them.
• Providing expert analytic investigative support on large scale and complex security incidents.
• Contributing to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes
• Training, mentoring and inspiring colleagues across the function and strengthening Cybersecurity Operations capabilities.
• Represent HSBC Global Cybersecurity Operations at internal awareness and external cybersecurity forums
• Collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.

---