Certified Cybersecurity Experts
Lead of Vulnerability Management Assessment & Response (VMAR) for HSBC on a global scale. Responsible for leading a team of 7, performing comprehensive investigations and deep technical analysis of security vulnerabilities. Providing rapid remediation response activities to cybersecurity vulnerabilities and threats to ensure the continual protection of HSBC’s technology systems. We empowered HSBC decision makers, enhancing defenses in order to protect the bank against its adversaries. We owned the VMAR function and management programme, designing and developing vulnerability mitigation strategies, prioritising identified vulnerabilities and managing the risks associated with them.
We continually educated and informed Global Business & Functions (GB/GFs) via formal and informal communications. We educated senior stakeholders on imminent cyber threats and their changing landscape to enable informed decisions and actions. We conducted technical assessments using multiple scanning tools and vulnerability prioritisation tools including but not limited to the following: Kenna, Cybervault, Cyberflows, Netsparker, Checkmarx, Nessus, Iriusrisk, DFP, Kryptowire, Comet (Pen Testing) and Sonatype Nexus.
We played a key role in the Imminent Threat Assessment Group (ITAG), preparing for, responding to and managing multiple zero-day vulnerabilities on an ongoing basis. He built and maintained relationships with peers, law enforcement (HK police), CITA (Cyber Intelligence and Threat Analysis) and GCO (Global Cybersecurity Operations) to detect, assess and respond to vulnerabilities in a timely manner.
We were also involved in reporting millions of vulnerabilities (with a focus on Critical and High) to senior leadership teams, including the CISO, CIOs and a variety of stakeholders across HSBC. As part of the Vulnerability Management Programme, he was also involved in multiple project enhancements including but not limited to: building the Strategic Vulnerability Management Platform for HSBC on a global scale, enhancing Application Risk Scores, SLA uplifts, False Positive process creation, upgrading mitigation status options (temp fixes, false positives, ever greening, outstanding), integrating cloud findings from GCP, AWS, Azure & Alicloud, DevSecOps integrations, development of the ITAG function, responding to regulatory requirements and creating a global vulnerability management knowledge base.
Responsible for the management of more than 400K+ vulnerabilities across HSBC. Responsible for the timely remediation and governance of these vulnerabilities across 10+ service lines. Created remediation plans for discovered vulnerabilities and provided technical expertise to the IT service owners and Cybersecurity Assessment Program. Provided technical guidance on how to resolve cybersecurity issues in areas of application and infrastructure across different technologies including but not limited to Windows Servers, Java, Encryption, Web Application Security, Unix/Linux, Citrix, Middleware (Apache, Tomcat, Nginx, IBM Webserver IIHS, Oracle, Oracle Database, AWS, Azure & Google Cloud Platform). Part of the imminent threat group identifying and protecting the bank from zero-day vulnerabilities. We also liaised with central cyber and ITID teams to help remediate vulnerabilities and suggest continuous improvement in controls, vulnerability assessment, triage, scanning tool feature enhancements and troubleshooting. Responsible for performing deep analysis and ensuring any violations against the HSBC configuration baseline were remediated, providing technical direction. Responsible for raising a large number of false positives and working with the tool owners for Nessus, Digital Footprint, Cyberport, Rocket Launcher, Cyberflows & Kenna to improve the accuracy of scanning. Responsible for managing Free Open Source Software vulnerabilities, liaising with product owners and multiple senior stakeholders across the bank.