GSC: Principal SME Web Application Security Protection

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

The Cloud Dev Ops engineers will work within an agile team of Engineers and Operations personnel building highly resilient, scalable and performant AWS infrastructure in an automated and efficient manner. The engineers will work alongside the Application Dev Ops teams and cross-functional IT teams. The engineers will be required to use their initiative to innovate to achieve maximum performance and be prepared to investigate and use new products/services offered by AWS.

• Support to coordinating migration of teams to WAF Central Rules in block mode for example. Development and realisation of new processes for new Operating Models.
• Oversee development and integration of central capabilities (Central SOC/SIEM) alerting and incident response etc.
• Work with CSP Architecture and Core engineering Dev Ops Leads on enabling of WAF Rules on Internal facing services. Working with central ESP team to capture and define central security baseline rules / signatures.
• Work with application teams / support to migration of their services to new Central CSP Managed.
• Use their networking and network security experience and knowledge to review Business and IT projects and provide advice and guidance, ensuring network security control requirements are satisfied.
• Identify and drive opportunities to improve network security posture based on an understanding of current control and technology environment.
• Understand network security threats and risks, able to identify areas of network security risk and propose solutions.
• Interact with technical leaders and various layers of management considered a plus.
• Be able to analyse network and cybersecurity data (e.g. system logs) to support decision making and evidence control effectiveness. Ability to build connections and work collaboratively across boundaries. Willingness to continuously learn and share learnings with others. Ability to coach and guide more junior team members as needed.

• Experience in working in at least one Cloud Provider and have experience working with CSP native WAF solutions or equivalent - Akamai in use of WAF Rules and DDoS protection.
• Experience working at scale in the use at least one CSP native WAF solutions or equivalent - Akamai WAF and DDoS protection solutions.
• Be able to demonstrate use of WAF and the applying of common rule sets within their organisation. Candidate SHALL will have experience working in central functioning role and be able to demonstrate effectiveness in working cross an organisation in applying common security baseline configuration for protection of services.
• Experience in producing guidance, procedural and process documentation for consumption by multiple teams on WAF or equivalent Security Configuration for protection of services.
• Be familiar key Industry and Open Source standards for WAF. Candidate MUST have basic level Web Security understanding and be able to guide Web Application / UI Developers on security aspects relating to non-compliance to Security baseline configuration.
• Experience in responding and handling adequately of Cyber-attacks (Layer 7 / DDoS attacks). Candidate SHALL have direct experience in Monitoring and Alerting of attacks in at least one CSP - AWS, Azure, GCP or equivalent.
• Strong understanding of Web Applications / HTML / JS sufficient enough to demonstrate they are capable in reviewing of signatures and identification of false positives. Candidate MUST be able to demonstrate an affective ability working with multiple functions of the business in the defining of processes, procedures and in the responding to security incidents.
• Expected to upskill where required of the role on CSP Native technologies, where maybe required during an incident to respond rapidly in analysing of attack signatures in near-Realtime and…