HSBC Jobs – Cyber Intelligence Engineer

Website HSBC

About the job

Job Description

Job Title: Lead Cyber Intelligence Engineer (CITA Engineering)

Big Bank Funding. FinTech Thinking.

Our technology teams in the UK work closely with HSBC’s global businesses to help design and build digital services that allow our millions of customers around the world, to bank quickly, simply and securely. We also run and manage our IT infrastructure, data centres and core banking systems that power the world’s leading international bank.

Our multi-disciplined teams include: DevOps engineers, IT architects, front and back end developers, infrastructure specialists, cyber experts, as well as project and programme managers.

Role Description:

The mission of HSBC’s global Cyber Intelligence and Threat Analysis (CITA) team is to conduct comprehensive investigations of malicious cyber actions to inform, educate, and advise HSBC and the broader cybersecurity industry. Through continuous learning and participation in internal and external engagements, CITA empowers decision makers, emboldens defenses, and weakens our cyber adversaries


  • Maintaining existing intelligence engineering tools and continuously seeking to improve and build upon the tooling as the cyber landscape shifts.
  • Identification of processes that can be automated and orchestrated to ensure maximum efficiency of collection and dissemination of tactical threat intelligence to internal stakeholders and external partners.
  • Developing tools to enable adversary engagement operations to maintain a proactive posture against cyber threats.
  • Building technologies to support the static and dynamic analysis of malware.
  • Developing the implementation of service offerings, capability uplifts, and process improvements to protect the bank for a continuously changing threat landscape.


    Essential Skillset/Experience:

    • Advanced, demonstrable experience with Python 3 programming, including full stack web application development using frameworks like Fast API or Flask.#
    • Advanced knowledge in developing and maintaining application programming interfaces (API) for various types of structured data
    • Advanced knowledge utilizing data storage and full content indexing services (e.g., MongoDB, Elasticsearch).
    • Experience with utilizing well known raw threat data sets and their application programming interfaces (APIs) to hunt for threats including post exploitation frameworks.
    • Knowledge and demonstrated experience of common intelligence sharing platforms/protocols and experience operating within a collective defence environment, with internal stakeholders and external partners.
    • Advanced experience and knowledge of version control and best practices for GIT.
    • Advanced experience administrating Linux systems and deploying production tooling to Linux systems.
    • Experience working in a Cybersecurity role, focused on the development of tools and reverse engineering of malware.
    • Formal education and degree in Computer Science, Computer Engineering, or similar, and/or commensurate demonstrated work experience in the same.
    • Excellent investigative skills, insatiable curiosity, and an innate drive to win.
    • Instinctive and creative, with an ability to think like the adversary.
    • Deep knowledge of tools, data sets, and vendors in the cyber security technology landscape.
    • Self-motivated and possessing of a high sense of urgency and personal integrity.

    The role will be based in Sheffield but remote working is also acceptable.

    Come Power a Business that Defines How to Power the World

    As a business operating in markets all around the world, we believe diversity brings benefits for our customers, our business and our people. This is why HSBC is committed to being an inclusive employer and encourages applications from all suitably qualified applicants irrespective of ethnicity, religion, age, physical or mental disability/long term health condition, marital status, sexual orientation, gender identity, gender expression, genetic information (including characteristics and testing), military and veteran status, and any other characteristic protected by local law in the jurisdictions in which we operate. Within the work place you will have access to various employee resource groups which aim to promote and achieve a healthy work / life balance and support our diversity ambitions. HSBC has in place processes in order to avoid nepotism, which means to avoid creating circumstances in which the appearance or possibility of conflicts of interest may exist within the hiring process.

    We want everyone to be able to fulfil their potential which is why we provide a range of flexible working arrangements and family friendly policies.

    As an HSBC employee in the UK, you will have access to tailored professional development opportunities and a competitive pay and benefits package. This includes private healthcare for all UK-based employees, enhanced maternity and adoption pay and support when you return to work, and a contributory pension scheme with a generous employer contribution.

    Personal data held by the Bank relating to employment applications will be used in accordance with our Privacy Statement, which is available on our website.

 Report Job