Watch Commander

-Job description

If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of **Watch Commander**

Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defense” services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the Monitoring and Detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities. These two principal functions are supported by additional internal GCO capabilities in; Cyber Intelligence and Threat Analysis. Critical to the success of GCO is its close partnership with sister Cybersecurity teams, IT Infrastructure Delivery, and Global Business and Function clients. The overall GCO mission is placed under the purview of the Group Chief Information Security Officer (CISO).

The Cybersecurity Incident Management and Response Team will efficiently and effectively handle all cybersecurity incidents across the Group. This mission is critical to the protection of HSBC customers, the HSBC brand, shareholder value as well as HSBC information and financial assets.

The Watch Commander is charged with leading one of a number of Cybersecurity Operations Teams made up of analysts from across the multiple Cybersecurity Operations service lines, providing 24x7 global protection for the bank and its customers.

**Main responsabilities**:

- Managing and maintaining a highly skilled, efficient and effective local team across a number of Cybersecurity Operations service lines. Including supporting the definition, management and continuous improvement of the core functions and processes that underpin a successful, effective and globally scaled monitoring, alerting and security incident response capability.
- Ensure Cybersecurity Operations are handled at the best to minimize any impact to HSBC during their watch; leading the team to manage threats with top quality under risk-oriented approach.
- Ensuring a comprehensive and smooth hand-over between the global teams as shifts end and begin.
- Maintaining an up to date awareness and intelligence-led understanding of the current and predicted threat landscape so that impact to HSBC businesses or services can be anticipated and where possible, pre-emptive monitoring, alerting and response capabilities can be deployed.
- Collaboration with the wider GCO (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.
- Identification of processes that can be automated and orchestrated to ensure maximum efficiency of global Cybersecurity Operations resources.
- Ensuring analysis time is efficiently focused on the more challenging and potentially higher risk problems and tasks, not on high-volume/low risk, repetitive tasks or processes, thus helping to effectively reduce false positive and false negative events.
- Managing the collaboration with the wider GCO teams (and wider business/function teams where applicable) in the production and maintenance of efficient and effective incident response playbooks.
Requirements
- 8+ years of experience in Cyber-security leadership position.
- Extensive experience in a technical leadership position within an enterprise scale organisation; preferably in the finance or similarly regulated sector
- Industry recognised cyber security related certifications including; EnCE, SANS GSEC, GCIH, GCFA, GCIA and/or CISSP
- Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.Expert level of knowledge and demonstrated experience of common log management suites, Security Information and Event Management (SIEM) tools, use of “Big Data” and Cloud-based solution for the collection and real-time analysis of security information.
Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
Ability to orchestrate, manage and successfully implement major procedural and technological change within a complex, global organisation.
- At HSBC we offer our colleagues a greater number of leave days so that they can fully enjoy their wedding, take care of the new member of