- Managing development of security rules configurations automation including for example API integrations and recommending configuration changes to improve the effectiveness performance usability and value of cloud security tools in one or more cloud platforms with particular focus on Amazon Web Services AWS

- Ownership of security outcomes in relation to applicable cloud platforms as per management direction and HSBC Policy

- Reviewing challenging escalating requests from Global Businesses and Functions for exemptions exceptions from mandatory security requirements driving consistent policy process and management across all Cloud platforms

- Actively participating in Global Businesses and Functions Architecture Design Cloud Deployment Pattern reviews and providing feedback to ensure cloud services meet mandatory security requirements and operate in a secure way

- Oversight of Cloud Security Assessment security reviews through manual and automated processes

- Collaboratively work with vendors client staff and contractors to implement and integrate vendor provided Cloud Security solutions as required

- Liaising with Cloud platform engineers architects and business stakeholders to understand and drive best practice aligned to HSBCs mandatory controls

- Review HSBC Cloud Security Baseline documentation in particular with respect to AWS platform services to ensure accuracy relevance applicability and currency

- Driving continuous improvement of cloud security and automated processes to minimize variation and ensure predictable high quality code and data

- Supporting incident management processes where appropriate including incident reviews providing analysis data reporting where required

- Proactively researching emerging threats and vulnerabilities to aid in the identification of cloud threats

Skills :