CISO CTO Infrastructure

About HSBC

HSBC is one of the world’s largest banking and financial services organisations, serving millions of customers through our global network. We connect people, businesses and institutions to opportunities across international markets, supported by a broad range of banking and wealth services. At HSBC, we’re focused on opening up a world of opportunity – helping people and businesses thrive and supporting economies to prosper. If you’re looking for work with global reach, real‑world impact and the chance to collaborate with colleagues across markets, you’ll find it here.

The Role

As Chief Information Security Officer for CTO Infrastructure you’ll define and drive the security posture of HSBC’s global technology infrastructure estate across cloud, on‑premises data centres, network, identity, endpoint and operational technology. You’ll operate at the intersection of the CTO and CISO organisations to protect a complex, globally distributed environment across more than 40 jurisdictions. The role is directly relevant to the bank’s obligations under DORA, PRA/FCA supervisory expectations, NIS2 and emerging AI Act requirements. You’ll represent the bank before UK, EU and US regulators on infrastructure security matters and serve on the Group Security Leadership Committee. You’ll lead a globally distributed team of c.8–12 specialists and manage an operating budget typically in the range of $25–50M. Success means measurable improvement in infrastructure security resilience, strong regulatory outcomes and security embedded into the bank’s technology transformation.

What You Will Be Doing

• Own the multi‑year infrastructure security strategy aligned to technology transformation, cloud migration and AI adoption
• Define and govern Zero Trust architecture standards across hybrid cloud and on‑premises environments
• Lead security architecture review and approval for major infrastructure programmes including cloud platform, SD‑WAN, core network refresh and OT modernisation
• Set and enforce multi‑cloud security posture across AWS, Azure, GCP and private cloud including CSPM, CNAPP and cloud workload protection
• Establish secure‑by‑default configuration standards and IaC guardrails across compute, storage, networking and container platforms
• Own infrastructure‑layer identity controls including PAM, machine identity and secrets management across management and control planes
• Strengthen detection, resilience and response for infrastructure‑layer threats including exercises, TLPT scope and P1/P2 incident leadership
• Govern security risk across critical infrastructure suppliers including DORA‑aligned third‑party monitoring and concentration risk assessments

Essential

• Demonstrated security leadership experience including senior director‑level leadership in a Tier 1 global financial institution or equivalent regulated enterprise
• Deep technical grounding across infrastructure security including network, multi‑cloud, identity and PAM, endpoint and OT/ICS security
• Show accountability for a significant infrastructure security programme in a multi‑jurisdictional regulated environment
• Evidence strong engagement with regulators including PRA, FCA, ECB, NYDFS and MAS on infrastructure security matters
• Lead major incident response for infrastructure security events including ransomware, nation‑state intrusions or significant cloud incidents
• Design and implement Zero Trust architecture at enterprise scale
• Apply strong cloud security architecture expertise across AWS, Azure and GCP including CSPM, CNAPP, cloud IAM and network security
• Build and lead globally distributed security engineering teams and manage large budgets and vendor relationships with rigour

Desirable

• Secure agentic AI and LLM infrastructure including MCP server security, AI gateway controls and GPU cluster hardening
• Manage TIBER‑EU / CBEST red team scoping and remediation programmes
• Plan quantum‑safe cryptography transition for infrastructure components
• Hold CCSP or AWS/Azure Security Specialty certification or CREST or equivalent TLPT qualification

Securing HSBC’s infrastructure backbone

This is a senior leadership role with real accountability for the resilience of the technology foundations HSBC depends on every day. You’ll shape how security is designed into cloud platforms, networks, identity and OT environments at global scale – protecting critical services across 40+ jurisdictions. If you’re at your best when translating complex technical risk into clear executive decisions and leading teams through high‑stakes moments, you’ll thrive here. Bring your judgement, technical depth and collaborative influence and help set the standard for infrastructure security across the bank.

Being open to different points of view is important for our business and the communities we serve. At HSBC, we’re dedicated to creating diverse and inclusive workplaces – no matter their gender, ethnicity, disability, religion, sexual orientation, socio‑economic background or age. We are committed to removing barriers and ensuring careers at HSBC are inclusive and accessible for everyone to be at their best. We take pride in being a Disability Confident Leader and will offer an interview to people with disabilities, long term conditions or neurodivergent candidates who meet the minimum criteria for the role. If you have a need that requires accommodations or changes during the recruitment process, please contact the Recruiter.