Cyber Security Analyst

  • tbc
  • Luxembourg Luxembourg Luxembourg LU
  • Permanent, Full time
  • HSBC Bank plc, Luxembourg Branch
  • 13 Sep 18 2018-09-13

Cyber Security Analyst

HSBC Holdings plc, the parent company of the HSBC Group, is headquartered in London. The Group serves customers worldwide from around 3,900 offices in 67 countries and territories in Europe, Asia, North and Latin America, and the Middle East and North Africa.

With assets of US$2,526bn at 30th September 2017, HSBC is one of the world’s largest banking and financial services organisations

HSBC provides a comprehensive range of financial services through four global businesses: Retail Banking & Wealth Management; Commercial Banking; Global Banking and Markets; and Global Private Banking.

The HSBC Group in Luxembourg is a significant employer and operates several businesses including asset management, securities services, private banking and corporate banking.

In order to strengthen our IT Security team, we are looking to recruit a:


Cyber Security Analyst
Permanent contract


Role and Responsibilities:

The Cyber Security Officer will work within the Identity and Access Management Operations (IAM Ops) and Cyber Security team of HSBC in Luxembourg which serves as a first line of defence function ensuring that HSBC’s electronic based assets are monitored, managed, accessed and protected effectively so that only those people with a legitimate business need can access or modify them.

Reporting to the local Cyber Security Manager, the role covers all entities of HSBC in Luxembourg.

Principal accountabilities:

The Cyber Security Officer is a hands-on role which requires an important level of involvement in day-to-day security operations.

The principal accountabilities for the role are:

  • Access management: Provisioning of users’ access to business applications, Active Directory, shared folders, email system, OS (UNIX/Windows), etc. Requests may come from HSBC entities outside Luxembourg. Provision of privileged/IT access to Active Directory, sensitive servers, applications and firewall. Facilitation of periodic user access recertification. Maintenance of Role Based Access Controls.
  • Performance of periodic security checks: ranging from privileged access logs review (oversight of applications, systems and firewall accesses by local and/or global admins) to infrastructure security (virus checks, servers’ security compliance, intrusion detection).
  • Involvement in the deployment and management of local security tools and IT infrastructure
  • Monitoring and Detection: Maintain visibility across the estate. Apply intelligence-led approach to detection of threats. Investigation and analysis of security data. Drive increased quality of alerting (limiting false positives). Manage security matters within defined SLA. Manage control monitoring dashboards.
  • Cyber Intelligence and Threat Analysis: Maintain landscape view of cyber threats. Malware and threat reverse engineering, Attack profiling, Adversary tracking. Create and maintain threat graph for critical assets. Assessment of control effectiveness in light of emerging threats. Maintain external intelligence and threat analysis relationships. Drive automation and orchestration.
  • Incident Management and Response: Manage and coordinate the communications and engineering response to information security incidents. Maintain management information related to realised incidents, control effectiveness, recommended control adjustments etc.
  • Client Engagement and Support: Drives security discussion with internal clients. Responsible for Management Information production and reporting. Programme management office, Drives all agenda items with partner groups and clients.
  • Data Leakage and Prevention.


Experience and skills required:
• Bachelor Degree or equivalent and/or experience in an information security governance and operational processes.
• Relevant experience in an Information Security, Risk management or IT Audit
• Qualifications - desirable but not essential one or more; ISO270001, CISA, CISM, CISSP, CRISC.
• Ability to quickly develop good working relationships with stakeholders.
• Ability to operate in matrix structures with multiple stakeholders and in a multicultural environment
• Customer focused, engaged, dependable and motivated
• Excellent communication and interpersonal skills.
• Fluent in English, French in an asset


 If you want to work in our challenging and multicultural environment and be part of a global team, please send your application letter and curriculum vitae (in English) to:

HSBC in Luxembourg strives for true diversity in its workforce and as such we are an equal opportunities employer and positively encourage applications from all suitably qualified candidates.

Please note that due to the volume of applications received, we will acknowledge your application only if we wish to proceed to interview. If you have not received a response within 4 weeks your application has not been successful.

Please also note that every selected candidate will have to provide us with a valid criminal record check in due time.