Job
Description
As the Head of Web Application and API Protection at HSBC, you will play a crucial role in defining and maintaining the global strategy for Web Application Security & Protection (WASP) to enable business success and meet regulatory expectations. Your responsibilities will include: - Strategy: - Define and maintain the global strategy for WASP, ensuring business success and meeting regulatory expectations. - Collaborate with engineers, platform owners, architects, and Control Owners to respond to evolving threat actors. - Delivery: - Own the investment roadmap for WASP and ensure successful delivery across multiple partners. - Transparently prioritize a common backlog to drive risk reduction and wider strategic needs. - Innovation: - Empower HSBC to navigate cyber risk with innovative and frictionless technologies and services. - Foster a culture of innovation, experimentation, and continuous improvement. - Partnership: - Develop innovative technical solutions with colleagues throughout technology and the business to meet current and future needs. - Partner with external technology providers and security specialists to integrate best practices. - Services: - Define, operate, and mature a business service supporting the adoption and tuning of protections. - Act as a trusted advisor for technical and business teams managing online services. - Oversight: - Ensure robust oversight of WASP throughout the organization, from platform acquisition to federated operation. - Drive a data-centric approach to observability and assessment supported by automation and analytics. - Accountability: - Ensure regulatory and risk management outcomes are maintained. - Own the capability budget and contribute to championing change across Cybersecurity and Technology. - Talent: - Lead, manage, invest in, recruit, and inspire a team of highly skilled SMEs globally. - Cultivate a culture of empowerment, experimentation, learning, partnership, and delivery. Qualifications: - Overall experience of 18+ years in Cybersecurity. - Hands-on experience in designing and implementing web application protection strategies. - Expertise in web application security and API security. - Deep understanding of web application vulnerabilities, attack patterns, and cloud environments. - Strong analytical skills and experience in technology leadership roles. Joining HSBC as the Head of Web Application and API Protection will provide you with the opportunity to make a significant impact in shaping the bank's cybersecurity strategy and protecting its customers and infrastructure. (Note: Additional details about the company were not included in the provided job description.) As the Head of Web Application and API Protection at HSBC, you will play a crucial role in defining and maintaining the global strategy for Web Application Security & Protection (WASP) to enable business success and meet regulatory expectations. Your responsibilities will include: - Strategy: - Define and maintain the global strategy for WASP, ensuring business success and meeting regulatory expectations. - Collaborate with engineers, platform owners, architects, and Control Owners to respond to evolving threat actors. - Delivery: - Own the investment roadmap for WASP and ensure successful delivery across multiple partners. - Transparently prioritize a common backlog to drive risk reduction and wider strategic needs. - Innovation: - Empower HSBC to navigate cyber risk with innovative and frictionless technologies and services. - Foster a culture of innovation, experimentation, and continuous improvement. - Partnership: - Develop innovative technical solutions with colleagues throughout technology and the business to meet current and future needs. - Partner with external technology providers and security specialists to integrate best practices. - Services: - Define, operate, and mature a business service supporting the adoption and tuning of protections. - Act as a trusted advisor for technical and business teams managing online services. - Oversight: - Ensure robust oversight of WASP throughout the organization, from platform acquisition to federated operation. - Drive a data-centric approach to observability and assessment supported by automation and analytics. - Accountability: - Ensure regulatory and risk management outcomes are maintained. - Own the capability budget and contribute to championing change across Cybersecurity and Technology. - Talent: - Lead, manage, invest in, recruit, and inspire a team of highly skilled SMEs globally. - Cultivate a culture of empowerment, experimentation, learning, partnership, and delivery. Qualifications: - Overall experience of 18+ years in Cybersecurity. - Hands-on experience in designing and implementing web application protection strategies. - Expertise in web application security and API security. - Deep understanding of web application vulnerabilities, attac
