GCS: Vulnerability Management Reporting Analyst

Some careers shine brighter than others.

If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further.

Global Cybersecurity is responsible for enabling businesses and functions to manage their information, technology and cybersecurity risks by ensuring these are well-understood, and that controls used to manage such events are defined, assessed and implemented appropriately. Cybersecurity predominantly delivers this via objective, independent, professional and specialized subject matter experts. The role forms part of the first line of defence in relation to the risk management framework.

The Cybersecurity Assessment and Testing (CSAT) function, part of Global Cybersecurity, is accountable for Vulnerability Management, Secure Development (inc. DevSecOps), Threat and Controls Assessment (inc. threat modelling) and Third Party Security Assessment. The function drives the identification, capture, assessment, testing/ verification and ultimately the remediation of security defects, gaps and vulnerabilities across HSBC’s estate in concert with business and technology teams - on-premise, within the Cloud and for those resulting from 3rd party engagements.

• Designing, building, delivering and maintaining detailed and accurate reporting of Vulnerability data to help drive and prioritise risk-based remediation.
• Driving continual improvement in the depth and breadth of reporting capabilities e.g., as a result of thematic analysis.
• Producing routine operational reports by exporting large datasets from existing sources (including Power BI dashboards and Cyberport).
• Ensuring clear, concise, consistent and insightful commentary to complement the data/ metrics, highlight key themes with a risk/ business focus.
• Responding to adhoc management information data requests including the delivery of thematic trend analysis.

• Developing and implementing enterprise scale reports and dashboards in Power BI.
• Using Structured Query Language (SQL).
• Logical and physical data modelling concepts (relational & Dimensional).
• Cybersecurity concepts such as threats, vulnerabilities
• Intermediate VBA Scripting or programming language skills (Python, C+, or PowerShell, VBA scripting)
• Excel macros, advanced formulas and pivot table functions; manipulation of large data sets to provide comprehensive data analysis and reporting solutions.
• Scanning technologies (e.g. Nessus, SAST, MAST and DAST scanning).

• Annual performance-based bonus
• Additional bonuses for recognition awards
• One-time reimbursement of home office set-up (up to 800 PLN).
• Nursery discounts
• Financial support with trainings and education
• Flexible working hours

• Online behavioural test (for external candidates only)
• Telephone screen (for external candidates only)
• Zoom interview with the hiring manager

We are looking to hire as soon as possible so don’t wait and apply now!

You'll achieve more when you join HSBC.

We thank all interested candidates for their applications. We reserve the right to contact only selected candidates.

In case you would like to resign from participation in recruitment process or withdraw previously sent to us application, please email us at: krakow.recruitment@hsbc.com

Join our Talent Community so that we can keep you updated and informed of the latest happenings at HSBC.