.Some careers have more impact than others.If you're looking for a career where you can make a real impression, join GSC HSBC and discover how valued you'll be.HSBC is one of the largest banking and financial services organisations in the world, with operations in 64 countries and territories. We aim to be where the growth is, enabling businesses to thrive and economies to prosper, and, ultimately, helping people to fulfil their hopes and realise their ambitions.We are currently seeking an experienced professional to join our team in the role of Senior Penetration Tester.Principal responsibilitiesKey purpose of this position is to:- Lead/perform and own the design and delivery of penetration tests across variety of technologies.- Work within virtual teams of security and technical specialists to ensure quality delivery of world class security solutions to the business.- Lead penetration tests designed to highlight and clearly articulate risk to the business, in terms the business can understand.- Drive and lead penetration tests and resulting deliverables, to aid in ensuring that the Bank operates within defined risk appetite- Represent Cybersecurity function as technical SME in internal and external discussions.- Help drive the maturity of Cybersecurity function by continuously improving quality of our services and removing inefficiencies, in line with wider Cybersecurity strategy.- Ensure adherence to the three lines of defence organisational model, with clear lines of responsibility, accountability and segregation of duties.- Ensure compliance with internal audit and external regulators, to ensure that any organisational changes are fit for purpose and meet their expectations.- Collaborate with relevant stakeholders to enhances the delivery of a Cybersecurity strategy to secure the bank's technology, protecting and enhancing HSBC's values, reputation and stakeholder value.- Provide supervision, guidance and mentor less experienced members of a team**Principal Accountabilities**:- Clearly and professionally document root cause and risk analysis of all findings- Adhere to the security testing process and raise any gaps or opportunities for improvement with manager.- Work closely with the DevOps teams to ensure that the security testing requirements are met and help automate repetitive tasks.- Code and demonstrate basic proof-of-concept exploits of vulnerabilities when required.- Assist with coordination of security testing projects according to a structured process, including writing test plans, test cases and test reports.- Advise on vulnerability remediation, control implementation and secure development practices- Assess product release risk and complexity and identify potential misuse scenarios through review of business requirements and design specifications- Assist with tracking, remediation, and risk acceptance for identified security vulnerabilities
