Lead Windows Engineer
Big Bank Funding. FinTech Thinking.
Our technology teams in the UK work closely with HSBC’s global businesses to help design and build digital services that allow our millions of customers around the world to bank quickly, simply and securely. We also run and manage the IT infrastructure, data centres and core banking systems that power the world’s leading international bank.
Our multi-disciplined teams include: DevOps engineers, IT architects, front and back-end developers, infrastructure specialists, cyber experts, as well as project and programme managers.
Business area overview
Global Cybersecurity Operations (GCO) provides a coordinated suite of “Network Defence” services responsible for detecting and responding to information and cybersecurity threats to HSBC assets across the globe.
The organization includes dedicated functions for systems engineering, content management and automation, monitoring and detection, as well as cybersecurity incident management and response activities.
What you will be doing:
As a Lead Windows Engineer you will join the Cybersecurity Product Sustained Engineering team, responsible for the Splunk SIEM platform and other technology supporting Global Cybersecurity Operations. The team manages all aspects of the AWS IaaS-hosted Cybersecurity platforms, as well as a large infrastructure footprint for on-premises log collection.
The Lead Windows Engineer will manage Splunk log ingestion for all Windows technologies, including Active Directory, member servers, desktops and ATMs. Vital to this role is experience in Windows system administration, AD / AD LDS, event forwarding, Group Policy, PowerShell, SCCM and Splunk agent configuration.
This role will carry out some or all of the following activities:
Key Responsibilities
- Engineering leadership for Windows log management
- Leading the continued technical enhancement of Windows event management and threat detection
- Designing and implementing a scripted agent lifecycle management capability for Windows platforms
- Managing the Windows-hosted Cyber Forensics platform
- Training and developing other members of the Technology Operations team
- Supporting a culture of individual self-improvement, whereby staff are expected to maintain subject matter expertise within their area of focus and within the realm of cybersecurity more broadly, for example remaining up to date on the latest forensic techniques and tooling for strategically important platforms and technologies in use (and proposed for use) at HSBC.
- Taking a leading role in the engagement of Global Businesses and Functions everywhere HSBC does business, driving a global uplift in cybersecurity awareness
- Collaborating with various layers of management across Cybersecurity and other IT teams to develop solutions that protect the organisation
- Designing and driving the implementation of new service offerings, capability uplifts and process improvements to protect the bank for a continuously changing threat landscape
Major Challenges:
- Supporting mission-critical cyber SIEM and automation platforms for a global user base operating on a 24/7 basis