Vulnerability Management Response Lead, HSBC

HSBC

Location:
Poland

Category:
IT - Software Development

Contract Type:
Employment contract

Salary:

Not provided

Save Job

Apply Position

Job Description:

The Vulnerability Response Lead is a key role within the Vulnerability Management Response & Remediation team and the wider Cyber Security Vulnerability Management function. The role will report into the Head of Vulnerability Management Response & Remediation.

Job Responsibility:

Support the remediation efforts of newly discovered vulnerabilities, where the risk score is deemed critical and an immediate risk to HSBC
Monitor external threat feeds and Cyber Intelligence Threat Analysis to identify any newly reported external risks
Manage the documentation of FRTF and ITAG initiatives and providing / identifying expert advice & guidance on remediation approaches
Track and report of ITAG and FRTF initiatives, as well as producing closure reports for completed ITAG’s and FRTF’s
Follow operational processes and ensure that they provide the most streamlined and efficient method of operations, whilst identifying opportunities for improvement
Support thematic reviews to drive and systematic uplifts and enhancements to services that help protect the bank
Maintain operational documentation on what reports are available and how / where to access them
Conduct holistic reviews of the overall baseline security posture
Contribute to and inform requests from Regulators, Internal/ External Audit, and 2LOD challenges/ Papers
Support the commentary for routine governance submissions e.g. Cybersecurity Executive Committee Monthly Update, Risk Map, KCIs, KRIs
Support Imminent threat review sessions, and deputising for the chair when required
Support the Head of Vulnerability Management Response and Remediation in leading the Vulnerability Management Response Team
Engage with the Global Head of Vulnerability Management, and other relevant team leads to review and gain approval for submissions, to ensure information requests are aligned with the group risk appetite providing the expected responses

Requirements:

Minimum of 3-5 years’ experience in working in IT Security or similar role
Experience of working in roles within Cyber Security Operations, Risk Management, and Governance, within a mid to large enterprise or equivalent organisation
Ability to understanding, apply, and improve elements of the Vulnerability Management Lifecycle and use multiple toolsets to convey information, obtain data, and make it meaningful to future plans
Lateral thinking and creative form to deploy expertise in the uplift of people skills, process identifications, and technological adjustments
Ability to recognise threats and risk, and act with insight to deliver a core part of the Cyber Security Operational model in HSBC
Ability to produce clear and concise reports for targeted audiences across internal and external stakeholders
Understanding and experience in the practical application and execution of Vulnerability scanning technologies and their application (e.g. Nessus, SAST/MAST/DAST (Checkmarx, Netsparker, Fortify, IBM AppScan, etc.), Tenable.io, Security Center (or similar Vulnerability Scanning products), risk consolidation platforms)
Vulnerability assessments, scoring and ratings and how they are applied
Patch Management
Business and architectural design, including controls analysis, process flows and data flows
Cyber security principles, global financial services business models, regional compliance regulations and laws
MS Excel to interrogate large data sets
SharePoint, Microsoft Teams and Confluence
Excellent organisational, administrative, analytical, and problem-solving skills with the ability to work accurately and methodically whilst under pressure to meet deadlines
Proven track record on delivering activities on time to a high standard
Strong interpersonal skills with the ability to create and maintain relationships - Internal relationships extend to peers across other functions within IT and externally to HSBC global businesses, which include external relationships with vendors, typically audit, legal, and technology where the need arises
High level of integrity and strong ethical values

What we offer:

Competitive salary
Annual performance-based bonus
Additional bonuses for recognition awards
Multisport card
Private medical care
Life insurance
One-time reimbursement of home office set-up (up to 800 PLN)
Corporate parties & events
CSR initiatives
Nursery discounts
Financial support with trainings and education
Social fund
Flexible working hours
Free parking

Additional Information:

Job Posted:
November 01, 2025

Expiration:
January 30, 2026

Employment Type:

Fulltime

Work Type:

Hybrid work

View All Jobs In This Company

Job Link Share:

Vulnerability Management Response Lead

HSBC

Location:Poland

Category:IT - Software Development

Contract Type:Employment contract