Vulnerability Assessment consultant/ Consultant Specialist/ Pune/ Cybersecurity : 0000JJV2

• Leading the review of all newly discovered vulnerabilities, to assess if the provided risk score is correctly reflecting the risk to Bank.
• Monitoring external threat feeds to identify any newly reported external risks.
• Managing the review of assigned tickets, determining potential false positive and/ or mitigation on approaches, and providing expert guidance/ advice on remediation.
• Ensuring all patterns identified for remediation and/ or false positive identification, are clearly documented within the central tools and applied across the BANK identified threat estate.
• Identify critical paths of operation and ensure that they are followed to provide the most streamlined and efficient method of operating.
• Maintain operational documentation on what reports are available and how to access and utilize existing filters.
• Conduct holistic reviews of the overall baseline security posture.
• Clear accountability and ownership of the Vulnerability Assessment and Response key control indicators and key risk indicators.
• Contribute to and inform requests from Regulators, Internal/ External Audit,
• Supporting the commentary for routine governance submissions e.g., Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs.
• Supporting Imminent threat review sessions and deputizing for the chair when required.
• Engaging with the Global Head of Vulnerability Management, and relevant team members to review and gain approval for submissions and ensure information requests are aligned with the group risk appetite providing the expected responses.

We are currently seeking an experienced professional to join our team in the role of consultant specialist, To be successful in this role, you should meet the following requirements:

• The ability to understanding, apply, and improve elements of the Vulnerability Management Lifecycle.
• The ability to recognize threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in BANK. Multiple functions will come together to ensure the safety of the bank and the ability to continue business under any circumstances.
• Understanding and experience in the Assessment and execution of: Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms).
• Manual Vulnerability assessments, scoring and ratings and how they are applied.
• Strong Knowledge of OWASP concepts and CVE, CWE's, Cryptography.
• A solid understanding of web and networks security.
• Knowledge of GitHub, Stash.
• Experience of working in roles within Application Security, Risk Management, and Governance, within a mid to large enterprise or equivalent BFSI organization.
• Patch Management.
• SharePoint, Microsoft Teams, and Confluence.
• Excellent organizational, administrative, analytical, and problem-solving skills with the ability to work accurately and methodically whilst under pressure to meet deadlines.
• Experience of working in roles within Cyber Security Operations, Risk Management, and Governance, within a mid to large enterprise or equivalent organization.

£44,420 per year - estimated ? Full time CLOSING SOON Some careers shine brighter than others.

If you're looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

HSBC is one of the largest banking and financial services organizations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realize their ambitions.