SOC Threat Analyst

2 weeks ago


Mexico City HSBC Full-time

HSBC is one of the world's largest banking and financial services organisations, operating in 64 countries. We aim to enable people and businesses to prosper, helping individuals realise their ambitions.

We are seeking an experienced professional to join our team in the role of Security Operations Center (SOC) Threat Analyst.

Role Purpose

Operating within the Cybersecurity Global Defence function under the Global Head of Cybersecurity Operations, the Global Cybersecurity Operations (GCO) team provides coordinated “Network Defence” services for detection and response to cyber threats across HSBC's global assets. The GCO team consists of four sub‑functions: Monitoring & Threat Detection, Incident Management & Response, Information Protection & Response and Strategic Innovation & Operations. GCO partners closely with Cybersecurity Engineering, Service Reliability Engineering, Cyber Intelligence & Threat Analysis, and other HSBC functions.

Main Activities

Lead Analyst (GCO) – responsible for monitoring, detecting, triaging and responding to cyber threats 24/7.

  • Cooperate with the Incident Management and Response Team to contain, mitigate and remediate incidents.
  • Continuously improve detection capabilities through threat analysis and tuning of alerting rules.

The Lead Analyst Must

  • Function as a senior member of the Monitoring and Threat Detection team within an “Analysis POD” tasked with triage of threat events from the entire HSBC technology estate.

Skills

  • Excellent investigative skills, curiosity, and a drive to win.
  • Creative and able to think like the enemy.
  • Strong problem‑solving, troubleshooting, and decision‑making skills.
  • Understanding of business needs and commitment to high‑quality service.
  • High ethical standards, integrity, and sense of urgency.
  • Experience defining and refining operational procedures for monitoring and detection.
  • Good understanding of HSBC cyber‑security principles, global financial services models and compliance regulations.
  • Knowledge of industry cyber‑security frameworks and standards (MITRE ATT&CK, OWASP, ISO2700x, PCI‑DSS, GLBA, EU data security, FFIEC, CIS, NIST).
  • Strong communication skills and ability to produce concise reports for stakeholders.
  • Fluent in English and local language.

Technical Skills

  • Analysis of threat event data and documentation of malicious activity.
  • Expert knowledge of advanced attacker tactics, techniques and procedures.
  • Proficiency with SIEM platforms and real‑time analysis.
  • Expertise with EDR tooling for detection, prevention and threat hunting.
  • Knowledge of IDS/IPS/HIPS, anti‑malware, firewalls, proxies, MSS.
  • Proficiency with Windows, Linux, Citrix, ESX, macOS, etc.
  • Understanding of TCP, UDP, DNS, DHCP, IPsec, HTTP and protocol analysis.
  • Experience with incident‑response tools, techniques and processes.
  • Scripting, programming or development of bespoke tooling.
  • Experience with SOAR platforms and automation.
  • Knowledge of AWS, Azure and GCP.
  • Basic familiarity with forensic tools such as EnCase, FTK, Sleuth Kit, Kali Linux, IDA Pro.

Industry Experience and Qualifications

  • 5+ years in a cyber security senior analyst or similar role.
  • Experience in an enterprise‑scale organisation, preferably in finance.
  • Certifications such as CEH, OSCP, EnCE, SANS GSEC, GCIH, GCIA or CISSP.
  • Formal education or advanced degree in Information Security, Cyber‑security, Computer Science, or related field.

Competencies

  • Analytic Thinking
  • Effective Communication
  • Conflict Resolution
  • Strategic Vision

Benefits & EEO Statement

HSBC offers generous paid leave, fostering a culture of well‑being, balance and care. HSBC is an equal‑opportunity employer committed to building a culture where all employees are valued and respected. We encourage applications from all suitably qualified persons regardless of gender, sexual orientation, ethnicity, religion, disability, national origin, veteran status or other protected characteristics.

Personal data will be handled in accordance with our Privacy Statement.

***Issued By HSBC Electronic Data Process Mexico Private LTD***



  • Mexico City HSBC Full-time

    A global financial services company in Mexico City is looking for an SOC Threat Analyst to enhance its cybersecurity operations. The successful candidate will lead threat analysis and response to cybersecurity incidents while collaborating with various cybersecurity teams. Applicants should have over 5 years of relevant experience, along with industry...

  • Lead SOC Threat Analyst

    2 weeks ago


    Mexico City HSBC Full-time

    A leading global financial services organization is hiring a Security Operations Center (SOC) Threat Analyst in Mexico, Ciudad de México. The role involves leading the monitoring, detection, and response to cyber threats. Candidates should have 5+ years of experience in cybersecurity, advanced knowledge of security frameworks, and relevant certifications....

  • SOC Threat Analyst

    2 weeks ago


    Mexico City HSBC Full-time

    If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies...

  • SOC Analyst

    4 weeks ago


    Mexico City Doyensys Inc Full-time

    SOC Analyst 4+ Years of Experience in SOC Analyst Advanced English

  • L2 SOC Analyst

    2 weeks ago


    Mexico City LTIMindtree Full-time

    About the Role: SOC Analyst JUNIOR to join our global Security Operations Center. The ideal candidate will bring strong expertise in security monitoring, investigation, correlation, and incident response, with hands-on experience using technologies such as Splunk, Cortex, and CrowdStrike. This role requires solid analytical skills, technical depth, and the...

  • L2 SOC Analyst

    2 weeks ago


    Mexico City LTIMindtree Full-time

    About the Role: We are seeking a skilled and experienced L2 SOC Analyst to join our global Security Operations Center. The ideal candidate will bring strong expertise in security monitoring, investigation, correlation, and incident response, with hands-on experience using technologies such as Splunk, Cortex, and CrowdStrike. This role requires solid...

  • Senior SOC Analyst

    3 weeks ago


    Mexico City Stateside Full-time

    Senior SOC Analyst – AI & Automation Location: Remote (LATAM) Specialization: AI-Driven Security Automation & Website Security Overview We are seeking a Senior SOC Analyst (AI & Automation) to support a next‑generation Autonomous SOC initiative. This role blends deep security operations expertise with advanced AI‑driven automation to modernize threat...
