Job Description

Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.  HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions. We are currently seeking an experienced professional to join our team in the role of Associate Project manager.  In this role, you will: This role will be accountable for governance of all technology security related controls such as Vulnerability Management, Pre-Deployment Security Assurance, Production Security Assurance, Cloud Security, Secure Development, Threat, and Controls Assessment (threat modelling) and Third-Party Security Assessment. This role will also cover Patch Management, Asset Decommissioning, and Configuration Baseline Management.  This role will drive the remediation of security defects, gaps, and vulnerabilities across CET’s estate in concert with IT Service owners – on premise, within the Cloud and resulting from 3rd party engagements. - Build strong relationships with CET’s ITSO community - Work closely with ITSOs, Developers, Architects, and other Technical Leads to understand the end-to-end service and identify where there are any control gaps. - Engage with other Cybersecurity teams, senior management and members of the Business when confronted with potential security issues. - Contribute to process, procedures, and tool identification.  Ensure PODs/ITSOs adopt best practices of Software Life Cycle Management to mitigate Cyber risk being introduced to the bank.  - Design and implement vulnerability reporting and monitoring solutions to be consumed by several key stakeholders ranging from CIO to engineer - Working with technology product owners to provide remediation assistance to the impacted Pods. Working closely with cybersecurity team and understand critical and high patching requirements and then liaise with ITSO’s to ensure vulnerabilities are remediated within the Due Date. - Maintaining and updating process guides and assisting with controls remediation activities. Creating reports for senior stakeholders including presentations for Delivery Assurance and Risk & Control Governance forums - Stay up to date with industry new trends and best practices. To be successful in this role, you should meet the following requirements: - Knowledge and exposure of Risk and Control Management - Excellent data analytical skills to analyse various patching & vulnerability reports - Ability to understand and assess both threats, controls, and vulnerabilities, articulating these to both technical and business stakeholders - Great written and spoken communication skills - Proven experience in general security concepts and principles; Knowledge and experience with network, host, and application security practices. - Working Knowledge on tools like Cyberport, Cyberflows, Cyber Vaults, Power BI, Kenna, Splunk is desirable. You’ll achieve more when you join HSBC. www.hsbc.com/careers  HSBC is committed to building a culture where all employees are valued, respected and opinions count. We take pride in providing a workplace that fosters continuous professional development, flexible working and opportunities to grow within an inclusive and diverse environment. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.  Issued by – HSBC Software Development India ·