(Cybersecurity) Structured Data Cloud DLP SME

Structured Data – Cloud DLP SME

 

The role holder will work with the Cyber Security Data team to integrate new application builds on cloud into the existing data security framework.

The work will involve ensuring that cloud based data structures on AWS, GCP, Azure and AliCloud can feed log information into various security products specifically the Guardium Big Data Intelligence product from Imperva. This tool uses a cloud based JSON data repository to integrate log data from any datastore.

The successful applicant with have extensive cloud experience, will be a subject matter expert in the database space and will have familiarity with JSON and other mark-up.

 

Role Description

 

The Structured Data Cloud DLP SME role-holder is charged with protecting the  brand, shareholder value, information and financial assets, managing a team across the globe in the following ways:

 

-           Supporting the delivery and operating Strategy

-           Providing key representation for and source of expertise on all issues.

-           Support the delivery of tooling to implement controls ensuring compliance with HSBC Information Security policies and standards globally including any regulatory requirements.

-           Collaborate to drive the implementation of the enterprise wide and regional / business level IT Strategy.

-           Ensure information security requirements are adhered to globally by ensuring effective compliance and measures are in place.

-           Work closely with the team as the 1LOD function and understand strategy while maintaining visibility of their IT security risk profile, exposures and control effectiveness and to provide robust challenge to the same audience when information security risk appetites are breached.

-           Drive engagement with all relevant regional and global stakeholders (cyber security colleagues across Strategy and Architecture, Security Shared Services, Security Engineering and business and IT Functions).

 

Key Experience: 

 

·                 Wide range of cyber experience across cyber with specific focus on Structured Data Security engineering

·                 Experience on Cloud Native solutions and Cloud based data structures on AWS, GCP, Azure and AliCloud

·                 Experience with Databricks Platform and Machine Learning modelling

·                 Experience with structured data, and managing DLP technology

·                 Experience of building, deploying and using the tooling to support Data Security and Data Integration strategies such as IBM Guardium and/or Data Security Fabric

·                 Proven experience of successful operational management, utilising relevant tools and techniques to ensure consistent delivery

·                 A minimum of 4/5 years Cyber experience would be beneficial

·                 Experience working in a highly regulated environment

·                 Promoted and led best practice in risk and compliance management in a similar organization

·                 A track record of making strategic business decisions, considering relevant risks, long term implications, commercial realities and stakeholders'' needs

 

·        Typically educated to degree level within IT

·        Expertise with regular expressions, scripting and tool integration.

·        Regulatory engagement, experience in dealing with compliance matters, and regulatory liaison would be beneficial

·        Knowledge of  any global regulatory requirements would be beneficial

·        Ability to build strong relationships and communicate on complex IT Security issues with a wide spectrum of stakeholders.

·        Understanding of business finance and experience of effective management of budgets and expenditure

·        Comprehensive understanding of security in context of wider industry trends and direction

·        Experience of working in a financial organisation would be beneficial

Information Security Certification such as GIAC, CISSP, CISA, CRISC or ISO 27001 Lead Auditor not required