Third-Party Security Assessment Consultant

Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC, and fulfil your potential. Whether you want a career that could take you to the top, or simply take you in an exciting new direction, HSBC offers opportunities, support and rewards that will take you further. Your career opportunity The Cybersecurity Assessment and Testing (CSAT) function, part of Cybersecurity, is accountable for Vulnerability Management, Secure Development (inc. DevSecOps), Threat and Controls Assessment (inc. threat modelling) and Third-Party Security Assessment. The function drives the identification, capture, assessment, testing/verification and ultimately the remediation of security defects, gaps and vulnerabilities across HSBC’s estate in concert with business and technology teams – on-premise, within the Cloud and for those resulting from 3rd party engagements. What you’ll do ⦁Collaborate with both CSAT and Cybersecurity, the role-holder will be expected to contribute to, and to support delivery of the cybersecurity strategy. ⦁Support Control Officers, Risk Stewards, Internal and External Audit, and Regulators with any relevant reviews, examinations and information requests. ⦁Develop as an SME and help to inform wider embedding and training on the consultancy approach to peer TPSA analysts to build and develop the team. ⦁Acting as a pioneer to prove the developing approach you will engage with other Cyber teams, Third Party Management, and other risk teams to deliver Cyber risk support at a global level. ⦁Define and shape a developing approach for Cyber risk consultancy integrating into the end-to-end procurement process from supplier selection to completed onboarding and issue remediation on critical control gaps. What you need to have to succeed in this role ⦁Knowledge and exposure of Risk and Control Management frameworks and control design and execution, in theory and practice. ⦁Ability to understand and articulating defects, threats and technical gaps to both technical and business stakeholders. ⦁Degree and/or similar experience, preferably in IT security in the Financial Services industry or global corporate service provider ⦁Have one or more industry-recognised cybersecurity-related certifications including CISA, CISM, CISSP, CRISC and CCSP etc. ⦁A demonstrable technical understanding in Cloud Security (particularly for SaaS) and AI is desired. ⦁Experience in third party / supply chain governance. ⦁Ability to prepare concise updates, reports and presentations for senior stakeholders. ⦁Ability to manage multiple projects and priorities concurrently What we offer ⦁Competitive salary ⦁Annual performance-based bonus ⦁Additional bonuses for recognition awards ⦁Multisport card ⦁Private medical care ⦁Life insurance ⦁One-time reimbursement of home office set-up (up to 800 PLN). ⦁Corporate parties & events ⦁CSR initiatives ⦁Nursery discounts ⦁Financial support with trainings and education ⦁Social fund ⦁Flexible working hours ⦁Free parking If your CV meets our criteria, you should expect the following steps in the recruitment process: ⦁Online behavioural test ⦁Telephone screen ⦁Interview with the hiring manager. We are looking to hire as soon as possible so don’t wait and apply now You'll achieve more when you join HSBC.

Location: Kraków, PL

Posted Date: 4/17/2025