Principal SME Web Application Security Protection @ HSBC Technology Poland
5 days ago
What you need to have to succeed in this role
- Candidate MUST have experience in working in at least one Cloud Provider and have experience working with CSP native WAF solutions or equivalent - Akamai in use of WAF Rules and DDoS protection.
- Candidate will have experience working at scale in the use at least one CSP native WAF solutions or equivalent - Akamai WAF and DDoS protection solutions.
- Candidate SHALL be able to demonstrate use of WAF and the applying of common rule sets within their organisation. Candidate SHALL will have experience working in central functioning role and be able to demonstrate effectiveness in working cross an organisation in applying common security baseline configuration for protection of services.
- Candidate SHALL have experience in producing guidance, procedural and process documentation for consumption by multiple teams on WAF or equivalent Security Configuration for protection of services.
- Candidate should be familiar key Industry and OpenSource standards for WAF. Candidate MUST have basic level Web Security understanding and be able to guide Web Application / UI Developers on security aspects relating to non-compliance to Security baseline configuration.
- Candidate SHALL be able demonstrate experience in responding and handling adequately of Cyber-attacks (Layer 7 / DDoS attacks). Candidate SHALL have direct experience in Monitoring and Alerting of attacks in at least one CSP - AWS, Azure, GCP or equivalent
- Candidate SHAL have strong understanding of Web Applications / HTML / JS sufficient enough to demonstrate they are capable in reviewing of signatures and identification of false positives. Candidate MUST be able to demonstrate an affective ability working with multiple functions of the business in the defining of processes, procedures and in the responding to security incidents.
- Candidate will have expected to upskill where required of the role on CSP Native technologies, where maybe required during an incident to respond rapidly in analysing of attack signatures in near-Realtime and performing appropriate mitigation actions. Candidate shall have one or more CSP basic certifications - AWS, GCP or Azure. Candidate SHOULD have experience working with Logging solutions such as Splunk in the filtering and alerting of issues.
Some careers shine brighter than others.
If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.
Your career opportunity
The Cloud DevOps engineers will work within an agile team of Engineers and Operations personnel building highly resilient, scalable and performant AWS infrastructure in an automated and efficient manner. The engineers will work alongside the Application DevOps teams and cross-functional IT teams. The engineers will be required to use their initiative to innovate to achieve maximum performance and be prepared to investigate and use new products/services offered by AWS.
,[Support to coordinating migration of teams to WAF Central Rules in block mode for example. Development and realisation of new processes for new Operating Models. , Overseeing development and integration of central capabilities (Central SOC/SIEM) alerting and incident response etc. , Working with CSP Architecture and Core engineering DevOps Leads on enabling of WAF Rules on Internal facing services. Working with central ESP team to capture and define central security baseline rules / signatures. Working with application teams / support to migration of their services to new Central CSP Managed., Uses their networking and network security experience and knowledge to review Business and IT projects and provide advice and guidance, ensuring network security control requirements are satisfied., Identifies and drives opportunities to improve network security posture based on an understanding of current control and technology environment., Expert understanding of network security threats and risks, able to identify areas of network security risk and propose solutions., Excellent communication and interpersonal skills, with experience interacting with technical leaders and various layers of management considered a plus., Able to analyse network and cybersecurity data (e.g. system logs) to support decision making and evidence control effectiveness. Ability to build connections and work collaboratively across boundaries. Willingness to continuously learn and share learnings with others. Ability to coach and guide more junior team members as needed.] Requirements: Cloud, CSP, WAF, Security, Web security, UI, AWS, Azure, GCP, Web applications, JavaScript, Splunk Additionally: Training budget, Private healthcare, Flat structure, International projects, Multisport card, Monthly remote work subsidy, Psychological support, Conferences, PPK option, Annual performance based bonus, Integration budget, International environment, Small teams, Employee referral bonus, Mentoring, Workstation reimbursement, Company share purchase plan, Childcare support programme, Bike parking, Playroom, Shower, Canteen, Free coffee, Free beverages, Free parking, In-house trainings, In-house hack days, No dress code, Modern office, Knowledge sharing, Garden, Massage chairs, Kitchen.-
Principal SME DDoS @ HSBC Technology Poland
5 days ago
Kraków, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this role Extensive experience of data networks and security design and engineering, preferably acquired in a highly regulated environment. Experience of data gathering from variety of sources including inputs from business, offline spreadsheets, IT systems, etc. Experience of the application of critical thinking and of...
-
Principal SME
5 days ago
Kraków, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this role Understanding of data networking principles and industry frameworks. Understanding of risk management fundamentals. Knowledge and experience of delivery using Agile and/or DevOps methodologies Knowledge and experience of IT service management principles e.g. change control, incident and problem management,...
-
Kraków, Czech Republic HSBC Technology Poland Full timeTo succeed in this role you need to have: Detailed understanding of network design, firewall, IDPS, content filtering, load balancing, DDoS, NAC, WAF, network segmentation technologies. Detailed understanding of network security threats and risks. Strong communication and interpersonal skills, with experience interacting with technical leaders and various...
-
Kraków, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this role Extensive experience of data networks and security design and engineering, preferably acquired in a highly regulated environment. Experience of data gathering from variety of sources including inputs from business, offline spreadsheets, IT systems, etc. Experience of the application of critical thinking and of...
-
Kraków, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this role 3+ years of experience of Cybersecurity SME/Product Owner/Engineering/Strategy areas A background in information systems, technology, architecture, design, and service delivery of defense-in-depth capabilities. Strong stakeholder management skills, with experience of understanding and meeting the needs...
-
Kraków, Czech Republic HSBC Technology Poland Full timeTo succeed in this role you need to have: Detailed understanding of network design, firewall, IDPS, content filtering, load balancing, DDoS, NAC, WAF, network segmentation technologies. Good understanding of network security threats and risks. Strong communication and interpersonal skills, with experience interacting with technical leaders and various...
-
Principal SME
2 weeks ago
Kraków, Lesser Poland, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this roleUnderstanding of data networking principles and industry frameworks.Understanding of risk management fundamentals.Knowledge and experience of delivery using Agile and/or DevOps methodologies Knowledge and experience of IT service management principles e.g. change control, incident and problem management,...
-
Principal SME IDPS @ HSBC Technology Poland
5 days ago
Kraków, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this role Detailed understanding of network design, firewall, IDPS, content filtering, load balancing, DDoS, NAC, WAF, network segmentation technologies. Detailed understanding of network security threats and risks. Strong communication and interpersonal skills, with experience interacting with technical leaders and...
-
Kraków, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this role A background in information systems, technology, business requirments, design, and service delivery of defense-in-depth capabilities. Understanding and knowledge of common industry cyber security frameworks, standards and methodologies Experience working within integrated networked on-prem and Cloud environments...
-
Kraków, Czech Republic HSBC Technology Poland Full timeWhat you need to have to succeed in this role Demonstrated experience running highly sensitive projects. Participation in the Cyber Security industry. Understanding of analysis of common operating system, such as Linux, Windows, Google Android and iOS. Demonstrated experience in third party vulnerability disclosure. Demonstrated experience in software...
