GCO Release Engineering Manager
Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defense” services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities. These two principal functions are supported by additional internal GCO capabilities; Cyber Intelligence and Threat Analysis and Cybersecurity Technology Operations. Critical to the success of GCO is it close partnership with sister Cybersecurity teams, IT Infrastructure Delivery and Global Business and Function clients. The overall GCO mission is placed under the purview of the Group Chief Information Security Officer (CISO).
The GCO Engineering team’s mission is to solution, design, build and deploy various security tooling within HSBC aligned to our Security Operations Centre. The team is responsible for building solutions that are enterprise class, meet the requirements of our M&TD & IM&R teams and are resilient. The team also ensures there is adequate monitoring to proactively detect system failures and manages the performance and capacity of the platforms on an ongoing basis. This mission is critical to the protection of HSBC customers, the HSBC brand, shareholder value, as well as HSBC information and financial assets.
- Excellent cloud systems engineering skills, insatiable curiosity and an innate drive to win.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- An understanding of business needs and commitment to delivering high-quality, prompt and efficient service to the business.
- An understanding of organizational mission, values and goals and consistent application of this knowledge.
- Self-motivated and possessing of a high sense of urgency and personal integrity.
- Good understanding and knowledge of common industry cyber security frameworks, standards and methodologies, including; OWASP, MITRE ATT&CK, ISO2700x series, PCI DSS, GLBA, EU data security and privacy acts, FFIEC guidelines, CIS and NIST standards.
- Good communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.