Overview

Join to apply for the SOC Lead Analyst role at HSBC.

Role is part of the Global Cybersecurity Operations (GCO) within the Cybersecurity Global Defence function, reporting to the Global Head of Cybersecurity Operations. The GCO provides a coordinated suite of network defence services aimed at detecting and responding to information and cybersecurity threats across HSBC assets globally.

Role responsibilities

Lead the analysis of and support the response to cybersecurity events within HSBC, using the latest threat monitoring and detection technologies to detect, analyse and respond.
Work as a senior member of the monitoring and threat detection team within an "analysis pod" tasked with triage of threat detection events across the global technology estate.
Collaborate with Cybersecurity Engineering, Service Reliability Engineering, Cyber Intelligence & Threat Analysis, and other HSBC teams to ensure effective detection, containment, and remediation of incidents.

Main activities

Global Cybersecurity Operations provides network defence services for detecting and responding to threats across HSBC assets; supports cybersecurity incident management and response activities; collaborates with internal global defence capabilities.
Monitor HSBC global technology and information estate 24x7, analyse incidents, and tune alerting rules for maximum effectiveness; drive continuous improvement of detection capabilities.
Lead analysts guide triage of threat detection events and support incident response across the organization.

Requirements

Skills

Excellent investigative skills, curiosity, and a drive to win.
Creative thinking with ability to think like an adversary.
Strong problem-solving, troubleshooting, and decision-making abilities.
Understanding of business needs and delivering high-quality, prompt service.
Ethical standards, integrity, and a commitment to HSBC values.
Experience defining and refining operational procedures to support monitoring and detection.
Good understanding of HSBC cybersecurity principles, financial services models, and regulatory requirements.
Knowledge of industry frameworks (MITRE ATT&CK, OWASP, ISO2700x, PCI DSS, GLBA, EU data security/privacy acts, CIS, NIST).
Strong communication skills for reporting to diverse audiences.
English proficiency (additional local language as applicable).

Technical skills

Experience analyzing threat data, evaluating malicious activity, and identifying attacker TTPs.
Advanced knowledge of SIEM platforms and EDR tooling for threat detection, triage, and hunting.
Knowledge of IDS/IPS/HIPS, malware analysis, firewalls, proxies, MSS, and related technologies.
Experience with Windows, Linux, Citrix, ESX, OSX; basic scripting/programming for tooling.
SOAR platform experience and automation development; cloud familiarity (AWS, Azure, Google).
Familiarity with incident response and forensic tools (EnCase, FTK, Sleuthkit, Kali Linux, etc.).

Industry experience and qualifications

5+ years in a cybersecurity senior analyst role or similar.
Experience in enterprise-scale environments, preferably in finance or regulated sectors.
Certifications such as CEH, OSCP, EnCE, SANS GSEC, GCIH, GCIA, CISSP.
Education in information security, cybersecurity, computer science, or equivalent experience.

Competencies

Analytic thinking
Effective communication
Conflict resolution
Strategic vision
Urgency and ability to work with immediate right to work locally may be prioritized.

Additional information

HSBC is an equal opportunity employer committed to building a culture where all employees are valued and have opportunities to grow. Personal data from applications is processed in accordance with HSBC privacy statement.

Issued by HSBC Electronic Data Process Mexico Private Ltd