JPC-221081 - cyber security - Neha Area
Job Posted: May 14, 2024 | Total views: 1

Job Description:

• Job Description

   

  •       Minimum 7/8 years information security experience – preferably in a Cyber security and risk assessment capacity

  •       Technical knowledge of application security development lifecycle – preferably DevSecOps

  •       Desirable – CISSP, CSX or CRISC

  •       Good communication skills, be able to talk to a variety of stakeholders include senior people

  •       Empowered to drive Cybersecurity initiatives within department

  •       Be able to manage and drive Cybersecurity projects driven at group level

  •       Be able to provide suggestions/ improvement in DevSecOps process and MI reporting

   

  Knowledge Leadership

  •       Provide training sessions for key IT staff to uplift Security awareness and Secure development expectations

  •       Provide guidance and help to IT delivery teams in regards to security solutions to enable faster delivery of IT Systems

  •       Collaborating with IT development teams and other HSBC teams working closely in a DevSecOps and agile development process. Support the Secure SDLC ensuring developers are coding in-line with security standards, practices and industry best-practice

  Relationship management

  •       Build and maintain relationships with in Wholesale IT – Global Banking service lines, to cultivate Cybersecurity awareness and development best practice

  Delivery/Compliance

  •       Overseeing effectiveness of controls to ensure compliance with HSBC Information Security policies and standards.

  •       Advocate security policies and standards to the respective Service lines

  •       Vulnerability Management process includes from analysis of CVEs, priority and track till remediation

  •       Interface between the development teams and relevant Cybersecurity teams

  •       Support control testing and partner with the Service lines RCO to ensure threats are identified and risk rated, mitigating controls are identified where appropriate and any controls required have been implemented

  •       Integrate into the development process, attending scrums and owning security use cases and stories

  •       Advise appropriate teams (Cybersecurity/IT Risk) on residual risk on completion of projects

  •       Support initial risk assessment process and providing consultancy and guidance

  •       Responsible for undertaking application security risk assessments as part of development projects. This entails using a threat modelling methodology to identify threats which could affect the Confidentiality, Integrity and Availability of the data and components in scope.

  •       Support where necessary key GBM security uplift initiatives

  •       Contribute to review of security standards and procedures

  •       Own driving the remediation of security issues (defects), or supporting other risk treatment methods as needed (e.g. risk acceptance)

  •       Providing support for automated application security tooling working with Cybersecurity as necessary

  •       Interpret and advise on the results from security testing to both technical and non-technical audiences

  •       Delivering the right service lines outcomes for the product/service provided and related to:

  •       Successful/failed/frequency of releases

  •       Shortest possible time from Idea to Live

  ing: 1.0pt; mso-ansi-language: EN-GB; mso-fareast-language: ZH-TW; mso-bidi-language: AR-SA;\">Number of incidences caused by change and the mean time to recover from incidents 

About Company :
Purview is a leading Digital Cloud & Data Engineering company headquartered in Edinburgh, United Kingdom having a presence in 14 countries India (Hyderabad, Bangalore, Chennai and Pune), Poland, Germany, Finland, Netherlands, Ireland, USA, UAE, Oman, Singapore, Hong Kong, Malaysia and Australia.

We have a strong presence in UK, Europe and APEC, providing services to Captive Clients (HSBC, NatWest, Northern Trust, IDFC First Bank, Nordia Bank etc) in fully managed solutions and co-managed capacity models. Also, we support various top IT tier 1 organisations (Capgemini, Deloitte, Wipro, Virtusa, L&T, CoForge, TechM and more) to deliver solutions and workforce/resources.

Company Info: