Delivery Head - 0000D4E1
汇丰软件开发(广东)有限公司
- 公司规模:1000-5000人
- 公司性质:外资(非欧美)
- 公司行业:计算机软件
职位信息
- 发布日期:2019-08-09
- 工作地点:广州
- 招聘人数:若干人
- 工作经验:无工作经验
- 学历要求:招若干人
- 语言要求:不限
- 职位类别:项目总监
职位描述
Role Title: Delivery head Business: Commercial Banking IT
Role Purpose / Description CMB Security Architecture is a global function responsible for the definition of the future state security, the creation /use of security patterns and assuring that appropriate security is designed-into CMB services and projects. CMB Security Architecture will provide security architecture guidance and assurance to CMB IT and business teams. It will work with CMB Architecture, Enterprise Security Architecture and other key CMB and Enterprise groups. The overall services that the team will provide are as follows:
-Define, design, evaluate and maintain the CMB Business Cybersecurity architecture
-Drive the implementation of secure design through guidance and assurance.
-Measure adherence to the security architecture within CMB to drive progress.
-Security product/service selection & implementation with associated processes and controls
-Delivery of solutions architecture consulting.
-The role will be hands-on and cuts across all the CMB IT teams and Architecture disciplines: Application, Solution, Technical, Information and Enterprise.
-Principal Accountabilities: Key activities and decision making areas
-Impact on the Business
-Champion the development and implementation of CMB’s target state Security Architecture.
-Govern the introduction of new security techniques, products, services, technologies and standards where needed against identified use cases and taking into account commercial.
-Have a holistic knowledge of CMB’s most critical business systems
-Stay abreast of technology trends and advise IT and the business about potential benefits/impacts.
-Propose innovative architectural solutions to address security capability and control gaps
-Plan strategic roadmaps and position the Business to provide new customer services secured by the latest security capabilities
-Own CMB related security patterns for all layers of the stack (from network fabric, to hardware and OS) as well as service models (IaaS, PaaS, Saas), and ensure alignment with security policies and standards
-Customers / Stakeholders / 3rd Parties
-Work closely with CMB Architects, Solution Designers, Enterprise Security Architecture and Cybersecurity Assessment. (CSAT).
-Work with stakeholders to communicate, educate and influence key security controls and strategic direction
-Participate in continual improvement of CyberSecurity by investigating new security processes, technologies, and tools, and regular communication of related information.
-Leadership & Teamwork
-Evangelize the benefits of security architecture, accepted best practice techniques, standards and tools to CMB
-Develop and evolve security best practice within CMB
-Drive target state security architecture execution in collaboration with stakeholders
-Lead security information sharing across CMB
-Operational Effectiveness & Control
-Manage security architecture reviews through Technical Design Authority (TDA) and Solutions Architecture Board (SAB) ensuring peer review of all projects
-Ensure that any new services/projects are taken through the Technology Design Authority (TDA)
-Drive usage and creation of security patterns/ services
-Ensure compliance with all relevant internal instructions (FIMs, GSMs, circulars) and external regulatory requirements, including the management of operational risk and adherence to the Group’s standards of ethical behaviour Major Challenges:
-Understand Commercial Banking strategy and drive the IT Security target state architecture to ensure IT’s current and future capabilities satisfy these business needs. Influences IT stakeholders to ensure that the necessary investments are made to deliver required security services/capabilities. Initiates improvement in services, products and systems.
-Leads development and communication of Commercial Banking’s Cybersecurity Assurance. Ensure CMB’s governance framework provides clear decision-making on security. Promotes security policies, practices and decisions that recognise the current and evolving needs of all the stakeholders.
-Provision of security consultancy services. Takes full responsibility for the balance between non-functional, service quality and systems management requirements.
-Drives security design activities, promoting the discipline to ensure consistency. Ensure appropriate adherence to HSBC standards.
-Coordinates the identification and assessment of the security impact of emerging technologies & innovation.
-Ensures projects/ systems are reviewed for compliance with HSBC’s security standards, policies and target state architecture strategy. Ensures that any identified security risks are highlighted appropriately.
职位要求:
Knowledge & Experience / Qualifications (For the role – not the role holder. Minimum requirements of the role.):
-Bachelor’s degree in Computer Science, Cyber Security or a related field
-At least 7+ years of relevant IT experience, including exposure to design, engineering, implementation and operations (3-5 of those years to be devoted specifically to security)
-Experience of performing security design reviews, ideally including threat assessment / threat modelling
-Ability to provide direction and guidance on security architectural use cases and requirements.
-Familiarity with Industry Standard Security Frameworks such as NIST Cybersecurity Framework, ISO 27001/27002, ITIL, COBIT. IT or cloud related security qualifications desirable.
-Experience in defining future architectural strategy and roadmaps
-Experience with role-based authorization methodologies, authentication technologies and security attack pathologies
-In-depth knowledge of key IT domains particularly computing platforms (Windows, UNIX and Linux) and networking technologies
-Knowledge and experience with perimeter security controls such as firewall, IDS/IPS, network access control, and network segmentation
-Proficient in security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies Security Architectural experience working in complex organizations.
-Comfortable working with ambiguity and conducting research as well as managing third party vendor(s).
-Ability to write position papers on highly complex topics for a business audience to assist in decision making
-Experience building reference security architectures and adapting them for business use cases.
-Understanding of Cloud service models (IaaS, PaaS, SaaS), and supporting technologies.
-Experience with any of the industry Cloud technologies such as Amazon Web Service, Azure, Google Cloud, etc., as well as virtualization technologies (VMWare, MVS, xEN, Virtual Box, etc...)
-Familiarity with deploying and securing container technology, VM Ware ESXi, and OpenStack is desirable
-Understanding of network technologies including SDN, routing (including VRFs), and enterprise network designs.
-Knowledge of third party auditing and cloud risk assessment methodologies
Role Purpose / Description CMB Security Architecture is a global function responsible for the definition of the future state security, the creation /use of security patterns and assuring that appropriate security is designed-into CMB services and projects. CMB Security Architecture will provide security architecture guidance and assurance to CMB IT and business teams. It will work with CMB Architecture, Enterprise Security Architecture and other key CMB and Enterprise groups. The overall services that the team will provide are as follows:
-Define, design, evaluate and maintain the CMB Business Cybersecurity architecture
-Drive the implementation of secure design through guidance and assurance.
-Measure adherence to the security architecture within CMB to drive progress.
-Security product/service selection & implementation with associated processes and controls
-Delivery of solutions architecture consulting.
-The role will be hands-on and cuts across all the CMB IT teams and Architecture disciplines: Application, Solution, Technical, Information and Enterprise.
-Principal Accountabilities: Key activities and decision making areas
-Impact on the Business
-Champion the development and implementation of CMB’s target state Security Architecture.
-Govern the introduction of new security techniques, products, services, technologies and standards where needed against identified use cases and taking into account commercial.
-Have a holistic knowledge of CMB’s most critical business systems
-Stay abreast of technology trends and advise IT and the business about potential benefits/impacts.
-Propose innovative architectural solutions to address security capability and control gaps
-Plan strategic roadmaps and position the Business to provide new customer services secured by the latest security capabilities
-Own CMB related security patterns for all layers of the stack (from network fabric, to hardware and OS) as well as service models (IaaS, PaaS, Saas), and ensure alignment with security policies and standards
-Customers / Stakeholders / 3rd Parties
-Work closely with CMB Architects, Solution Designers, Enterprise Security Architecture and Cybersecurity Assessment. (CSAT).
-Work with stakeholders to communicate, educate and influence key security controls and strategic direction
-Participate in continual improvement of CyberSecurity by investigating new security processes, technologies, and tools, and regular communication of related information.
-Leadership & Teamwork
-Evangelize the benefits of security architecture, accepted best practice techniques, standards and tools to CMB
-Develop and evolve security best practice within CMB
-Drive target state security architecture execution in collaboration with stakeholders
-Lead security information sharing across CMB
-Operational Effectiveness & Control
-Manage security architecture reviews through Technical Design Authority (TDA) and Solutions Architecture Board (SAB) ensuring peer review of all projects
-Ensure that any new services/projects are taken through the Technology Design Authority (TDA)
-Drive usage and creation of security patterns/ services
-Ensure compliance with all relevant internal instructions (FIMs, GSMs, circulars) and external regulatory requirements, including the management of operational risk and adherence to the Group’s standards of ethical behaviour Major Challenges:
-Understand Commercial Banking strategy and drive the IT Security target state architecture to ensure IT’s current and future capabilities satisfy these business needs. Influences IT stakeholders to ensure that the necessary investments are made to deliver required security services/capabilities. Initiates improvement in services, products and systems.
-Leads development and communication of Commercial Banking’s Cybersecurity Assurance. Ensure CMB’s governance framework provides clear decision-making on security. Promotes security policies, practices and decisions that recognise the current and evolving needs of all the stakeholders.
-Provision of security consultancy services. Takes full responsibility for the balance between non-functional, service quality and systems management requirements.
-Drives security design activities, promoting the discipline to ensure consistency. Ensure appropriate adherence to HSBC standards.
-Coordinates the identification and assessment of the security impact of emerging technologies & innovation.
-Ensures projects/ systems are reviewed for compliance with HSBC’s security standards, policies and target state architecture strategy. Ensures that any identified security risks are highlighted appropriately.
职位要求:
Knowledge & Experience / Qualifications (For the role – not the role holder. Minimum requirements of the role.):
-Bachelor’s degree in Computer Science, Cyber Security or a related field
-At least 7+ years of relevant IT experience, including exposure to design, engineering, implementation and operations (3-5 of those years to be devoted specifically to security)
-Experience of performing security design reviews, ideally including threat assessment / threat modelling
-Ability to provide direction and guidance on security architectural use cases and requirements.
-Familiarity with Industry Standard Security Frameworks such as NIST Cybersecurity Framework, ISO 27001/27002, ITIL, COBIT. IT or cloud related security qualifications desirable.
-Experience in defining future architectural strategy and roadmaps
-Experience with role-based authorization methodologies, authentication technologies and security attack pathologies
-In-depth knowledge of key IT domains particularly computing platforms (Windows, UNIX and Linux) and networking technologies
-Knowledge and experience with perimeter security controls such as firewall, IDS/IPS, network access control, and network segmentation
-Proficient in security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies Security Architectural experience working in complex organizations.
-Comfortable working with ambiguity and conducting research as well as managing third party vendor(s).
-Ability to write position papers on highly complex topics for a business audience to assist in decision making
-Experience building reference security architectures and adapting them for business use cases.
-Understanding of Cloud service models (IaaS, PaaS, SaaS), and supporting technologies.
-Experience with any of the industry Cloud technologies such as Amazon Web Service, Azure, Google Cloud, etc., as well as virtualization technologies (VMWare, MVS, xEN, Virtual Box, etc...)
-Familiarity with deploying and securing container technology, VM Ware ESXi, and OpenStack is desirable
-Understanding of network technologies including SDN, routing (including VRFs), and enterprise network designs.
-Knowledge of third party auditing and cloud risk assessment methodologies
职能类别: 项目总监
公司介绍
About HSBC
HSBC is one of the leading banking and financial services organisations in the world. In 70 countries and territories serving around 37 million customers, we connect customers to opportunities, enabling businesses to thrive and economies to prosper. We help people to fulfil their hopes and dreams and realise their ambitions by providing award-winning advisory, products and services.
HSBC Operations, Services and Technology provides essential operational services, IT and technical support to help HSBC function effectively and improve our customer service.
About HSBC Technology China
We develop, implement and support software and IT services and processes that allow HSBC to remain at the forefront of high-quality banking systems. We develop and maintain systems for HSBC’s global businesses, as well as support functions such as Finance, HR and Risk. We work across a range of technology platforms and development disciplines, from mainframe to mobile technologies.
Our team includes software engineers and developers, architects, testers, IT and business analysts, consultants and programme and project managers, as well as team leadership and management roles. We employ people in almost all the countries and territories in which HSBC operates. Two locations of HSBC Technology China, including Guangzhou and Xi’an, are world-class technology hubs with industrial delivery capability.
Who we look for
We have exciting opportunities for highly motivated graduates and experienced professionals to join our talented IT team and ensure HSBC realises its ambition to be the world’s leading and most respected international bank. We are looking for people who are dependable, open to different ideas and cultures and enjoy being part of a team.
In return, we will help develop your skills through structured programmes, training and on-the-job experiences to meet your career ambitions. We offer comprehensive, market-competitive pay and benefits as well as programmes and plans to assist employees in building and protecting their financial security.
If you are interested in working with the teams that develop, implement and support the technology that keeps HSBC functioning effectively, we hope to hear from you.
Find out more about us in Website: *****************************/careers/technology
Or Follow us on WeChat Career Account by searching “汇丰软件人才招聘”
HSBC is one of the leading banking and financial services organisations in the world. In 70 countries and territories serving around 37 million customers, we connect customers to opportunities, enabling businesses to thrive and economies to prosper. We help people to fulfil their hopes and dreams and realise their ambitions by providing award-winning advisory, products and services.
HSBC Operations, Services and Technology provides essential operational services, IT and technical support to help HSBC function effectively and improve our customer service.
About HSBC Technology China
We develop, implement and support software and IT services and processes that allow HSBC to remain at the forefront of high-quality banking systems. We develop and maintain systems for HSBC’s global businesses, as well as support functions such as Finance, HR and Risk. We work across a range of technology platforms and development disciplines, from mainframe to mobile technologies.
Our team includes software engineers and developers, architects, testers, IT and business analysts, consultants and programme and project managers, as well as team leadership and management roles. We employ people in almost all the countries and territories in which HSBC operates. Two locations of HSBC Technology China, including Guangzhou and Xi’an, are world-class technology hubs with industrial delivery capability.
Who we look for
We have exciting opportunities for highly motivated graduates and experienced professionals to join our talented IT team and ensure HSBC realises its ambition to be the world’s leading and most respected international bank. We are looking for people who are dependable, open to different ideas and cultures and enjoy being part of a team.
In return, we will help develop your skills through structured programmes, training and on-the-job experiences to meet your career ambitions. We offer comprehensive, market-competitive pay and benefits as well as programmes and plans to assist employees in building and protecting their financial security.
If you are interested in working with the teams that develop, implement and support the technology that keeps HSBC functioning effectively, we hope to hear from you.
Find out more about us in Website: *****************************/careers/technology
Or Follow us on WeChat Career Account by searching “汇丰软件人才招聘”
联系方式
- 公司地址:广州市