technologies-expected :
AWS
Microsoft Azure
Google Cloud Platform

about-project :
Sitting within the Monitoring and Threat Detection sub-function, the ‘Cybersecurity Threat Hunter’ role is primarily charged with proactively searching through the HSBC global estate for evidence of malicious activities in our systems and on our networks and finding ways to illuminate behaviours that have managed to evade current defences. Rather than relying primarily on static indicators and reacting to automatic rules and alerts, the Threat Hunter uses a deep knowledge of internal defences, cyber-security expertise and the latest cyber-threat intelligence to develop hypotheses and anticipate how those attackers will seek to bypass existing controls to continuously improve our cyber-defences.

responsibilities :
Hunt for malicious or anomalous activity across the enterprise, using the various cybersecurity tools, platforms, and capabilities available. Act in co-ordination with GCO staff to lead the development and implementation of an advanced analysis and search capability focused on identifying potentially sophisticated APT and insider threat activities within the organisation.
Leverage a ‘cyber intelligence led approach’ to researching new and existing threat actors and associated tactics, techniques, and procedures (TTPs); develop a detailed understanding of their potential impact to the organisation, provide, develop and implement recommended solutions for improving our defensive and detective capability.
Collaborate with Cybersecurity functions, e.g., Red Team, Cyber-threat Intelligence to develop hypotheses for the detection and/or presence of new attack techniques and evasion methods; collaborate with the wider Cybersecurity (and IT) teams to ensure that the core, underlying technological capabilities that underpin an effective and efficient operational response to current and anticipated threats and trends remain fit for purpose.
Coordinate threat hunting activities, leveraging intelligence from multiple internal and external sources.
Review incident and penetration testing reports and corresponding logs, to identify gaps in our detection capability and provide recommendations to improve them.
Provide expert analytic investigative support on large scale and complex security incidents.
Contribute to the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes and identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources.
Train, mentor and inspire colleagues across the function and strengthening Cybersecurity Operations capabilities and represent HSBC Global Cybersecurity Operations at internal awareness and external cybersecurity forums.

requirements-expected :
8+ years of experience in computer forensics, vulnerability analysis, cyber security analysis, penetration testing and/or network engineering.
Extensive experience within an enterprise scale organisation; including hands-on experience of complex data centre environments, preferably in the finance or similarly regulated sector.
Industry recognised cyber security related certifications including CEH, EnCE, SANS GSEC, GCIH, GCIA and/or CISSP.
Formal education and advanced degree in Information Security, Cyber-security, Computer Science or similar and/or commensurate demonstrated work experience in the same.
Expert level knowledge of intelligence analysis principles either though formal education / training or equivalent professional experience.
Expert level knowledge and demonstrated experience in analysis and dissection of advanced attacker tactics, techniques, and procedures in order to inform adjustments to the control plane.
Expert level knowledge of scripting, programming and/or development of bespoke tooling or solutions and technical experience of 3rd party cloud computing platforms such as AWS, Azure, and Google.
Fluent English and excellent communication and interpersonal skills with the ability to produce clear and concise reports for targeted audiences across internal and external stakeholders.

offered :
Competitive salary
Annual performance-based bonus
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN)
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking (Cracow office)

benefits :
sharing the costs of sports activities
private medical care
sharing the costs of professional training & courses
life insurance
remote work opportunities
flexible working time
integration events
corporate sports team
doctor’s duty hours in the office
retirement pension plan
corporate library
no dress code
coffee / tea
parking space for employees
leisure zone
extra social benefits
employee referral program
opportunity to obtain permits and licenses
charity initiatives
family picnics
extra leave
In-office gym