Head of Secrets Management
Join a digital first bank that’s powered by people.
Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.
In our cybersecurity team you’ll be helping to safeguard the financial system on which millions of people depend.
You’ll be making banking more secure by designing, implementing, and operating controls to manage cybersecurity risk. You’ll help define HSBC Group cyber security standards, deliver Global Security Operations ad Threat management services, provide round-the-clock monitoring and security incident response services, and oversee Network/Application/Infrastructure Security. The work you do will provid3e assurance of the adequacy and effectiveness of security controls to Business Risk Owners.
The role of a Secrets Management Control Owner is to develop, implement and monitor centralised Group IAM non-interactive authentication (i.e., Secrets Management) controls. The ideal candidate will have a strong background in Information Security and IAM and be responsible for ensuring the protection of sensitive data and systems through effective Secrets Management control practices for at least the following:
• Secrets storage and vaulting solutions
• Creation of a Secure Identity Framework for non-interactive identities
This includes assessing and reporting on the status of the HSBC IT estate's compliance to Secrets Management Policy, Standards, and Operational Risk Controls.
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.
In this role you will:
• Develop, implement, and maintain Secrets Management control policies and procedures to ensure the protection of sensitive data and systems
• Monitor Secrets Management control activities to ensure compliance with policies and procedures and report on this by introducing relevant Key Control Indicators (KCI’s).
• Conduct regular reviews of Secrets Management control processes to identify and remediate any vulnerabilities or areas for improvement.
• Collaborate (as the control SME) with cross functional teams, including Cybersecurity, IT, and business units, to ensure Secrets Management control strategies align with organisational goals and requirements.
• Oversee the administration of Secrets Management control services, including remediation of non-compliance instances.