Sr. AWS DevOps Engineer
Jersey City, NJ

Job Description

The Sr. AWS Engineer will be a member of the Global Security Technology team. This team is responsible for identifying, developing and deploying global cybersecurity controls across the estate leveraging the firm's assets, network and data to identify threats. This role will partner heavily with IT Infrastructure Delivery (ITID) and support the end to end secure deployment of security technologies across the firm as well as leading and attracting talent to build a world class team

Impact on the Business/Function

* Protect the Bank. Protect the bank via proactive regulatory risk reduction actions. Ensure regulatory reporting is consistent across regions / businesses and centrally track reporting through governance committess, maintain a rolling agenda for review.
* Risk vs. Reward Decision Making. Make informed and educated risk decision making. Make appropriate commercial / financial institution risk vs reward security decisions.
* Driving sustainable growth. Develop the compliance awareness, engage with colleagues across the functions and businesses departments to deliver sustainable risk and compliance solutions. Lead and facilitate change through effective communication, preparation and implementation.
* Achieving excellence. Drive business performance, compliance and security.
* Risk Reduction. Work with key stakeholders (IT and business) to proactively drive the reduction in IT Security risks and to improve the security risk posture of HSBC within the business risk appetite.
* Awareness. Improve awareness of IT Security risks / threats across IT and the business.

Customers / Stakeholders

* Customer focus. Lead a customer- led and direct the wider reporting function, both on-shore and off-shore. Engage with relevant programmes and initiatives that impact upon governance, compliance and risk reporting. Deliver fair outcomes for our customers and ensure own conduct maintains the orderly and transparent operation of financial markets.
* Strengthening stakeholder relationships. Engage with senior stakeholders across all three lines of defence to recognise management and governance reporting requirements within major businesses and entities and at Group level. Provide support to the LISOs and BIROs with regards to engagement with external stakeholders and regulators, through provision of data as regards support the risk posture to the control enviornment.
* Understanding markets and customers. Understand the financial services industry security and threat landscape. Analyse, interpret and communicate developments in the customer's and business segment's local marketplace.

Leadership & Teamwork

* Develop and communicate a clear vision for the regional teams that is aligned to the overall HSBC vision, values and goals, and inspires and engages people to create an inclusive, high performing, customer-centered culture.
* Lead, develop and motivate the leadership team to attract, retain and develop the capacity, capability and talent to provide for succession and ensure delivery of business objectives.
* Set expectations, share best practice and manage, monitor, coach and develop leaders and others to ensure that they maximise their performance, meet the required standards, and continuously develop their capabilities and experience.
* Lead and encourage constructive cross-country and cross-business teamwork by demonstrating collaboration and matrix management in action and taking prompt action to address any activities and behaviours that are not consistent with HSBC's diversity policy and/or the best interests of the business and its customers.

Operational Effectiveness & Control

* Lead the continuing development, implementation and improvement of the processes, structures, capabilities, capacity and infrastructure needed to deliver agreed plans and targets. Collaborate with colleagues to maximise end to end integration, effectiveness and efficiency.
* Establish and maintain a robust and efficient control environment across IT Security to ensure good operational, financial and project management and compliance with HSBC policy and procedures, together with early identification and effective resolution or escalation of issues that arise.
* Lead the development, implementation and maintenance of a global management information, analysis and reporting framework for the Technology team's activities that supports and informs timely and effective business management and decision making at all levels.

Management of Risk

* The jobholder will ensure the fair treatment (service excellence) of our customers is at the heart of everything we do, both personally and as an organisation.
* The jobholder will also continually reassess the IT Security and operational risks associated with the role and inherent in the business, taking account of changing economic or market conditions, legal and regulatory requirements, operating procedures and practices, management restructurings, and the impact of new technology.
* This will be achieved by ensuring all actions take account of the likelihood of operational risk occurring. Also by addressing any areas of concern in conjunction with entity management and/or the appropriate department.

Observation of Internal Controls

* Maintains HSBC internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators.
* The jobholder will also adhere to and be able to demonstrate adherence to internal controls. This will be achieved by adherence to all relevant procedures, keeping appropriate records and, where appropriate, by driving the timely implementation of internal and external audit points, including issues raised by external regulators, and internally identified IT security risks.
* The jobholder will implement the group compliance policy by containing compliance risk in liaison with Global Head of Compliance, Global Compliance Officer, Area Compliance Officer or Local Compliance Officer. The term 'compliance' embraces all relevant financial services laws, rules and codes with which the business has to comply.
* This will be achieved by adhering to all relevant processes/procedures and by liaising with compliance department about new business initiatives at the earliest opportunity. Also and when applicable, by ensuring adequate resources.

Role Dimension

* Internal and external relationships. Build an effective team who gain trust, and operate with transparency and consistency in the relationships with the key stakeholder groups. Build an effective working relationship with the in-country GB / GF management to ensure that governance and risk is given appropriate focus by the in-country GB / GF.
* Regulatory. Leadership of all IT Security regulatory and compliance matters and the management of related operational risk.
* Manage local expectations and requirements, within current global processes. Operate IT Security controls that cannot be handled by global teams.
* Driving IT Security Risk Reduction and Control Improvements within the local, regional and global context.
* At least 5-7 years' experience building and tuning highly available infrastructure in AWS
* Demonstrable experience of IT Security capability with a minimum of 3-5 years' experience working in Cyber Security environments plus relevant IT Industry experience.
* Deep understanding of current AWS capabilities, limitations, and costing methodologies.
* Hands on experience designing effective and scalable security strategies using IAM roles/ policies.
* Hands on experience with AWS foundation services related to compute, network, content delivery, administration and security, deployment and management, automation technologies.
* Lead the design, implementation, testing, documenting of infrastructure technologies with varying degrees of hands-on execution tasks
* Excellent experience as a Sr. DevOps AWS Architect for major Fortune 500 companies
* Extensive experience planning, architecting, and implementing DevOps tools Jenkins, Git, Chef, Puppet
* Currently automating builds with AWS Docker and writing Puppet Code for AWS Docker Containers at The Federal Reserve Bank
* Extensive experience writing Chef based infrastructure cookbooks
* Strong experience creating and managing Docker Images and Containers for production in Docker Data Center
* Extensive experience deploying and configuring Big Data Servers
* Strong experience training and mentoring DevOps Engineers
* Extensive experience implementing AWS Docker Networking, Security, and Disaster recovery
* Excellent communication skills and available to interview immediately
* Ability to build architectures and provide prescriptive guidance across network, storage, operating systems, virtualization, RDBMS & NoSQL databases, mid-tier technologies that include application integration, Streaming, in-memory caches, and security.
* Ability to provide architecture decisions related to AWS services (Route 53, ELB, EC2, ECS, SQS, SNS, CloudWatch, Lambda, Dynamo DB, Kinesis, etc.).
* Strong experience in building and deploying applications on the Cloud, using CI/CD frameworks and Infrastructure automation.
* Excellent verbal/written communications & org skills with ability to facilitate meetings and conduct consulting activities.
* Working knowledge of all AWS web services

Preferred Skills:

Candidate must have completed the following certifications:

* Certified AWS Solutions Architect - Associate OR
* Certified AWS Solutions Architect - Professional

EEO/AA/Minorities/Women/Disability/Veterans