Cloud Security Architect - Wholesale Technology
Big Bank Funding. FinTech Thinking.
Our technology teams in the UK work closely with HSBC’s global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. We also run and manage our IT infrastructure, data centres and core banking systems that power the world’s leading international bank.
Our multi-disciplined teams include: DevOps engineers, IT architects, front and back end developers, infrastructure specialists, cyber experts, as well as project and programme managers.
We have multiple programmes working in agile DevOps teams with colleagues around the world.
Following extensive investment across our Technology and Digital domains, we are currently seeking an experienced Cloud Security Architect to join HSBC Technology
What you will be doing;
Working within our growing Architecture team, you will consult on enterprise architecture, solution design, adherence to group architecture practices and within the IT security team.
Your primary areas of accountability will include:
- Consult on designs by providing security assurance reviews in-sprint and end-sprint through threat modelling and subsequent risk assessments (collaborating with architects and being an approval party).
- Help design robust security for web/ mobile front ends, micro-service architecture (APIs), containers (kubernetes), databases, on-premise and cloud services (such as pub/sub, dataflow and cloud armor).
- Create and present security architecture strategies, roadmaps, and help teams design patterns.
- Help teams ensure Products and Projects/ Programmes are secure by design, within the risk appetite, and meet compliance requirements, group standards and policies.
- Contribute to the Enterprise Architecture & Design Practice within group cyber by reviewing security standards, controls, and policies and recommending enhancements.
- Collaborate with relevant stakeholders to ensure alignment to the cybersecurity strategy, securing the bank’s technology, whilst maintaining, protecting and enhancing HSBC’s values, reputation and stakeholder value.
- Help teams ensure compliance with internal audit and external regulators.
- Help teams ensure adherence to the three lines of defence organisational model with clear lines of responsibility, accountability and segregation of duties.
What you will bring to the role;
To be successful in this role you should have proven experience within the Technology sector with knowledge of the following skills:
- Cloud Security Architecture of Public Clouds (such as GCP, AWS or Azure) and Private Clouds.
- Threat modelling and risk assessments.
- Security principles in
- Identity management (authentication and authorization including policy enforcement points, token services, protocols such as OAuth2),
- Cryptography including encryption, signing and digital certificates
- Securing front ends (web/ mobile),
- Micro service architecture (APIs) security,
- Docker/ kubernetes,
- Databases,
- Event driven streaming technologies,
- Logging and monitoring, networks, firewalls, load balancers, DNS, CDNs
- Working knowledge of agile DevSecOps environments, and CI/CD (Jenkins, Ansible, Terraform). Awareness of SAST, DAST, RASP, and IAST tools and building security into existing SDLC processes.
- Excellent oral, written communication and presentation skills.
Desirable:
- Certified GCP or AWS Architect. Knowledge of Azure Cloud a bonus.
- Ideally have a security certification such as CISSP, CISM, CCP, SANS, GAIC, Ethical Hacker.
- Bachelor’s Degree or higher in Engineering, Computer Science or another relevant field.
- Ideally from a FinTech/ banking background with experience in DevOps.
This role will primarily be based in London or another UK base location, some travel may be required.
Come Power a Business that Defines How to Power the World
As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of ethnicity, religion, age, physical or mental disability/long term health condition, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by local law in the jurisdictions in which we operate. Within the work place you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions. HSBC has in place processes in order to avoid nepotism, which means to avoid creating circumstances in which the appearance or possibility of conflicts of interest may exist within the hiring process.
We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies.
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.
Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.
Recruitment Helpdesk:
Email: hsbc.recruitment@hsbc.com
Tel: +44 (0) 207 832 8500