Standard / Permanent
Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you’re valued as part of the team.
* excluding partnerships
The Cyber Threat Intelligence Analyst will collect, research, coordinate, and deliver intelligence gathered from various sources to increase BNPP’s cyber threat awareness, programs and initiatives within APAC. The successful candidate will work within the APAC Cyber Threat Intelligence team, reporting into the Head of APAC Cyber Security & Digital Forensics.
Participate in the development of CTI methodologies and activities within and across BNP Paribas APAC, including (but not limited to) the areas of Cyber Security and Security Operations.
Work closely with threat intelligence feeds, external intelligence parties (FS-ISAC), and internal stakeholders to correlate and analyze threat data to identify and address threats relevant to BNPP.
Identify, prioritize, task, and track BNPP’s CTI requirements.
Educate Management and operational teams regarding the threat landscape, trending actor TTPs, active and developing campaigns, and other aspects of CTI as required by BNPP organizations.
Identify and track threats (actors, campaigns) across domains (crime, espionage, hacktivism) of potential concern to BNPP utilizing both technical and actor information, threat intelligence platforms, and other sources.
Good understanding of the threats to key banking activities across various business lines.
Situational awareness concerning the APAC threat landscape; including but not limited to APAC threat groups and their related campaigns.
Work closely with existing infrastructure and security teams, both to receive input and to provide practical and actionable intelligence.
Internal collaboration and networking experience with business lines to collect and formulate intelligence requirements for key banking activities and their related risks. Knowledge and application of the Intelligence Cycle and TTP profiling frameworks.
Main interfaces include Production Security, Cyber Threat Intelligence, Cyber Security Incident Response Team, Digital Risk & Security Risk Management, Service providers, Business IT, Legal and Compliance, CTO, CIOs, and country COOs.
Contribute to the Permanent Control framework for implementation of policies and procedures in day‐to‐day business activities, such as Control Plan.
Comply with regulatory requirements and internal guidelines.
Contribute to the reporting of all incidents according to the Incident Management System.
Technical and Behavioral Competencies / Specific Qualifications (if required)
• At least 5 years of experience in the information security (cyber security) field with at least 2 years of experience working with or as part of a CTI organization.
• Formal training and experience in intelligence analysis or targeting / collections management preferred
• Track record of managing culture change and awareness related to information/cyber security threat landscape
• Prior experience as part of a security operations or incident response organization extremely beneficial
• Independent, self-motivated and innovative with good problem solving, interpersonal and communication skills, and can foster teamwork
• Fluent spoken and written Chinese preferred to interact with counterparts in China, Hong Kong and Taiwan
• Russian language experience is a plus for understanding source code comments
• Regional exposure is preferred with experience working in different cultures in the Asia-Pacific region
• Strong understanding of cyber threat analysis models such as kill chain, diamond model, etc., and how they apply to both targeted and non-targeted threats
• Experience using commercial and open source (OSINT) information to support intelligence analysis
• Experience in common scripting languages such as Python, Ruby, Lua, PowerShell or Bash
• Strong understanding of common security products and technologies utilized in Enterprise environments (proxies, WAF, Firewalls, IDPS, Anti-Malware, Endpoint, etc.)
• Understanding of the OSI stack and the various protocols from layer 1 – 7 including SNMP, HTTP, VPN, DNS, etc.
• University degree or equivalent in IT discipline
• Professional credentials in one of the relevant cyber security disciplines
• Agile (optional)
• CompTIA Security+/ITIL certification