Data and Infrastructure Security Lead
Join a digital first bank that’s powered by people.
Our technology team builds innovative digital solutions rapidly and at scale to deliver the next generation of banking services for our customers around the world.
You’ll have an impact on bringing digital-first banking to our customers by defining the future state architecture vision and strategies for our Global Businesses and Global Functions.
You’ll be developing business, data, software, and integration architecture standards to manage processes, systems, and technology complexity aross the HSBC Group. Through dynamic, agile collaboration you’ll work closely with business partners to translate their requirements into integrated solutions that can be deployed globally using consistent service patterns for ease of deployment, support, and enhancement.
About Zing
Zing is a brand new fintech designed to make international money worry-free for anyone who sends, spends, or converts international currencies. Zing has been developed within the HSBC Group to work for anyone, even if they don’t have a HSBC account, so we can be an agile fintech whilst reaping the benefits of having one of the world’s biggest international banks as our parent. We’ve recently launched in the UK and have ambitious plans to scale both within the UK and internationally at pace.
Check us out:- https://www.zing.me/.
Why join Zing?
We’re only at the start of our exciting journey but have already generated significant media interest. If you want to help build out a highly visible global fintech and work with a global bank as a partner, then this is the opportunity for you!
• Competitive package + benefits
• Hybrid work arrangements and flexible working hours
• A dynamic and challenging working environment
• Responsibility from day one in a fast growing and global company, in a start-up context
• A vibrant and international team with a diverse background
• Regular social and team events
We are seeking a highly skilled and experienced Data and Infrastructure Security Lead to join our team. As a Data and Infrastructure Security Lead, you will be responsible for ensuring the security of our Data and infrastructure, with a focus on AWS security, endpoint (Mac) security, anti-malware protection, and data security. You will play a critical role in safeguarding our systems and data from threats and vulnerabilities, including implementing data loss prevention (DLP) on structured and unstructured data, data masking and encryption, and securing web browsing using tools like Zscaler.
As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.
In this role you will:
• Lead and oversee Data and infrastructure security activities, including AWS security, endpoint (Mac) security, anti-malware protection, and data security.
• Manage Endpoint Security solutions for Mac systems, including antivirus, anti-malware, and host-based intrusion prevention systems (HIPS), to protect endpoints from threats and vulnerabilities.
• Implement and maintain security controls and best practices for AWS cloud infrastructure, including IAM, VPC, S3, and EC2 security configurations. To also maintain anti-malware protection measures, including malware detection and prevention tools, to safeguard our systems and infrastructure.
• Develop and implement data loss prevention (DLP) solutions for structured and unstructured data to monitor and prevent unauthorized data exfiltration.
• Implement and manage data masking techniques to protect sensitive data in non-production environments and during data transfers.
• Implement and manage data encryption mechanisms, including encryption at rest and in transit, to ensure the confidentiality and integrity of sensitive data.
• Evaluate and implement secure web browsing solutions, such as Zscaler or similar tools, to protect against web-based threats and enforce acceptable use policies, as well as conduct regular security assessments and audits of our systems and infrastructure to identify and address security gaps and vulnerabilities.