Head of Threat Intelligence Engineering

  • Competitive
  • London, England, United Kingdom
  • Permanent, Full time
  • HSBC Bank plc
  • 18 Apr 19

Head of Threat Intelligence Engineering

Head of Threat Intelligence Engineering

Some careers grow faster than others.

If you're looking for a career that will give you plenty of opportunities to develop, join HSBC and your future will be rich with potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

The Cybersecurity team at HSBC are engaged to transform the way Cybersecurity is accomplished at the bank and we are set to enable the business to do more, as securely as we want, or need to be. In short, in line with the Bank's strategy, we are to be Simpler, Better, Faster and of course - More Secure.

To achieve this we have many exciting challenges ahead and are looking for people with a real passion for what they would like to do. Working with some of the best technology talent we are searching for technologists and enablers that will help support us on this journey.

As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.

We are currently seeking an experienced individual to join this team in the role of Head of Threat Intelligence Engineering.

The Cybersecurity Technology team is responsible for identifying, developing, and deploying global cybersecurity controls and solutions at HSBC- across all bank entities, Global Businesses (GB), and Global Functions (GF), and is under the management of the Cybersecurity CTO. Within this team includes dedicated functions for Threat Intelligence Engineering and Vulnerability Management Engineering. Critical to the success of these teams are their close partnerships with sister Cybersecurity teams, IT Infrastructure Delivery and Global Business and Function clients. The overall Cybersecurity Technology mission is placed under the purview of the Group Chief Information Security Officer (CISO).

The Threat Intelligence Engineering Team is charged with providing technology solutions to enable the Cybersecurity Intelligence and Threat Analysis team, which operates within the Cybersecurity Operations (CSO). The technology solutions provided will be a combination of internally engineered technologies, vendor solutions, and connections to/from other HSBC systems. The mission of the Threat Intelligence Engineering Team is critical to the protection of HSBC customers, the HSBC brand, shareholder value as well as HSBC information and financial assets.

In this role you will be accountable for:

Building out the foundation for the Threat Intelligence Engineering function at HSBC. This includes defining a strategy, identifying resources required, driving towards deliverables, and measuring progress of the program throughout.

Providing subject matter expertise in the field of Threat Intelligence Engineering and using that knowledge to help build out a world class, global team to uplift existing (and future) threat intelligence controls and technologies at HSBC.

Implementing and maintaining an effective engagement model with the Threat Intelligence Operations teams, to ensure a clean and steady intake of requirements, leading to the engineering of solutions, testing for effectiveness, delivering to production, and confirming that requirements are met.

Researching, engaging, and managing third party vendors where relevant to support functional objectives.

Providing thought leadership to the function and broader Cybersecurity organization, driving transformational change and capability uplift across the bank.

Collaborating with senior managers across Cybersecurity and other IT teams to develop solutions that protect the organization.

Designing and driving the implementation of service offerings, capability uplifts, and process improvements to protect the bank for a continuously changing threat landscape.

Understanding of the technology aspects around Cyber Threat Intelligence as required for the defence of a large financial institution tooling, data flows, visualization technologies, good/bad actors, malware, tactics, techniques, best practices and technical security innovations.

Creation and ownership of Key Control Indicators (KCIs) for the Threat Intelligence Engineering programme.

To be successful in this role you will need to have:

  • Highly developed security engineering skillset, so you can help to solve for large, complex cybersecurity problems in support of the Threat Intelligence Operations function
  • Ability to build out a program, starting at the beginning and showing measurable progress throughout.
  • Instinctive and creative, with an ability to put bespoke pieces of solutions together.
  • Deep knowledge of industry best practice threat intelligence workflows.
  • Excellent understanding of cyber security principles, global financial services business models, regional compliance regulations and laws.
  • Excellent understanding and knowledge of common industry cyber security frameworks, standards and methodologies including; OWASP, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
  • Excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.
  • Proven ability to collaborate across industry, academia and government to solve complex cyber security problems.
  • Internal relationships extend to peers across other function within IT and externally to HSBC global businesses, and will also include external relationships with vendors, typically audit, legal, and technology where the need arises. Executive presence, strong ability to communicate to top level management and peers
  • Ability to effectively understand and manage budgets and technology expenditures.


Qualifications
Technical Skills
  • Experience with directing the design, development, and integration of cybersecurity products and solutions in a large scale environment.
  • Proven ability to research, design, implement, and transition the full spectrum of threat intelligence technology solutions.
  • Extensive experience with third party threat intelligence vendors and solutions (e.g. Anomali, Maltego, Flashpoint, etc.)
  • Solid python scripting skills, with API experience.
  • Expert level knowledge and demonstrated experience of common intelligence sharing platforms/protocols and experience operating within a collective defence environment, with internal stakeholders and external partners.
  • Expert level knowledge of intelligence analysis principles either through formal education/training or equivalent professional experience.
  • Ability to develop and track key performance indicators (KPIs) and metrics for evaluation of operational effectiveness as well as providing recommendations for control improvement and mitigating control adjustments.


The base location of this role will be London.



You'll achieve more when you join HSBC.

As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC UK is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation.
We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies

As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC UK is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of background, circumstances, age, disability, gender identity, ethnicity, religion or belief and sexual orientation.

We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies.