SOC Lead Analyst

If you’re looking for a career where you can make a real impression, join Global Service Center (GSC) HSBC and discover how valued you’ll be. HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.

We are currently seeking an experienced professional to join our team in the role of SOC Lead Analyst.

Role Purpose:

Operating within the Cybersecurity Global Defence function and under the management of the Global Head of Cybersecurity Operations, the Global Cybersecurity Operations (GCO) team provides a coordinated suite of “Network Defence” related services and are responsible for the detection and response to information and cybersecurity threats across the global HSBC assets and estate.

The GCO team is split into four distinct sub-functions:

1. Monitoring & Threat Detection (MTD) – Monitoring, detection, alerting, and triage of initial cyber-threat events.
2. Incident Management & Response (IMR) – Management and deep-dive investigation and response to cyber-incidents.
3. Information Protection & Response (IPR) – Management and response to information and data security incidents.
4. Strategic Innovation & Operations (SIO) – Continuous improvement of cyber-threat detection capabilities and process automation.

Critical to the success of GCO are its close partnerships with other Cybersecurity Global Defence teams including Cybersecurity Engineering, Service Reliability Engineering, Cyber Intelligence & Threat Analysis teams, and the wider HSBC businesses and functions.

The overall GCO mission is placed under the purview of the Cybersecurity Chief Technology Officer / Head of Cybersecurity Global Defence.

Main Activities:

Lead Analyst (GCO)

Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defence” services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe and is under the management of the Head of Global Cybersecurity Operations. This includes dedicated functions for the monitoring and detection of threats within the global estate as well as Cybersecurity Incident Management and Response activities. These functions are supported by additional internal Global Defence capabilities in Cyber Intelligence and Threat Analysis, Cybersecurity Engineering, and Service Reliability Engineering. The success of GCO relies on close partnerships with other Cybersecurity teams, IT Infrastructure Delivery, and Global Business and Function clients. The overall GCO and GD mission is under the supervision of the Cybersecurity CTO and CISO.

The Cybersecurity Monitoring and Threat Detection Team is responsible for 24x7 monitoring of HSBC’s global technology and information estate. Their mission is to detect adversaries within the estate, analyze the severity and scope of threats, and collaborate with the Incident Management and Response Team to contain and remediate threats. The team also aims to improve detection capabilities through attack analysis and tuning security alerts for maximum effectiveness. This role is vital to safeguarding HSBC’s customers, brand, shareholder value, and assets.

Lead Analysts are responsible for leading the analysis and supporting the response to cybersecurity events across HSBC, utilizing advanced threat detection technologies to identify, analyze, and respond to threats.

The Lead Analyst must:

• Work as a senior member of the Monitoring and Threat Detection team within an “Analysis POD” focused on triaging threat detection events from HSBC’s global technology estate.