Head of Web Application and API Protection

As the Head of Web Application and API Protection at HSBC, your role will involve shaping the global strategy for Web Application Security & Protection (WASP) by collaborating with engineers, architects, and platform owners. You will be responsible for defining and maintaining the strategy to enable business success, meet regulatory expectations, and respond to evolving threat actors. Your key responsibilities will include: - Defining and maintaining the global strategy for WASP, ensuring alignment with business goals, regulatory requirements, and best practices. - Owning the investment roadmap for WASP and overseeing its successful delivery across multiple partners, prioritizing risk reduction and strategic needs. - Empowering innovation within HSBC to navigate cyber risks with responsive technologies and services, fostering a culture of continuous improvement. - Developing technical solutions with colleagues to meet current and future business needs, ensuring scalability and resilience of the bank's infrastructure. - Operating and maturing a business service supporting the adoption and tuning of protections, serving as a trusted advisor for technical and business teams. - Ensuring end-to-end oversight of WASP throughout the organization, driving a data-centric approach to observability and assessment. - Maintaining regulatory and risk management outcomes, owning the capability budget, and contributing to change across Cybersecurity and Technology. - Leading and inspiring a team of highly skilled SMEs globally, fostering a culture of empowerment, learning, and partnership. Qualifications: - Overall experience of 18+ years with relevant experience in Cybersecurity. - Hands-on experience in designing and implementing web application protection strategies. - Robust understanding of industry cybersecurity frameworks, standards, and methodologies. - Expertise in web application security and API security, including vulnerability scanning and mitigation. - Deep understanding of web application vulnerabilities, attack patterns, and cloud environments. - Strong analytical skills and experience in technology leadership roles. By joining HSBC, you will have the opportunity to make a significant impact in the field of Cybersecurity and contribute to the safety of the bank and its customers. Visit www.hsbc.com/careers to explore the possibilities. Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, available on our website.,