Senior Cybersecurity Engineer

At HSBC, the health and well-being of our employees remains of utmost importance. Many of our roles are permitted to work from home (in states in which HSBC is licensed to operate) until further notice. Upon resumption of normal operations, this role may be performed at our San Francisco, California office.

The HSBC Open team’s mission is to analyze societal, financial, and technological trends effecting economic activity and the financial services industry in particular and bring that knowledge into HSBC to create new digital opportunities that are aligned to business goals.

HSBC Open will partner with internal and external groups to develop propositions that have a substantial ‘outside in’ aspect such that HSBC establishes a significant external presence in domains like ecosystems and BaaS. Open will be very active in the external innovation ecosystem, looking for tools, techniques, propositions, and partners that can be brought to bear within HSBC to augment our digital agenda. At the center of its services will be an ability to identify, incubate and accelerate new products and services; the team members will have a unique background in design, strategy, technology, and products, combined with a knowledge of the external market. Your abilities will compliment those of internal staff and bring a more entrepreneurial approach: Open will utilize the principles of Lean Startup Methodology and a venture capital-style portfolio management and will embed those into HSBC’s Agile methodology.

This role will carry out some or all of the following activities:

• Provide support across the end-to-end delivery and run lifecycle, using their skills and expertise to carry out software development, testing and operational support activities with the ability to move between these according to demand secure software development practices, enabling engineers on security awareness, incident detection and response
• Collaborate closely with other specialists, architects and business stakeholders to understand and drive the product or service's direction with a security focus
• Establish security measures for detecting incidents, and creating a process by which a response and types of notices are provided to stakeholder’s digital environment and automate processes to minimize variation and ensure predictable high quality code and data
• Create technical test plans and records, including unit and integration tests, within automated test environments to ensure code quality security testing patterns that can be adopted by engineers to demonstrate secure releases
• Keep up-to-date and have expertise on current tools, technologies and areas like cyber security and regulations pertaining to aspects like data privacy, consent, data residency etc. that are applicable