In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 18,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 68 markets with more than 193,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
* excluding partnerships
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.
APAC Production Security teams are responsible for multiple IT Security activities for BNP Paribas in the Asia Pacific region, such as:
- IT Production Security Governance, PMO & Risks
- Network Security and Security Design & Architecture
- Vulnerability & Compliance Management
- IAM Production
- Production CSIRT, Detection & SIEM Engineering
- Production support of the Security platforms
As the APAC Detection Engineering & Investigation Lead, you will be in charge of the regional IT Production SOC & Security Investigation & Incident Response teams and processes.
Your role will be to:
- Manage teams of experts on Security Incident Response activities, Anti-Malware/Defense activities and Security Detection activities,
- Oversee the management of the 24/7 regional IT Production SOC which handles the IT Production security alerts for the APAC region,
- Contribute to the enhancement of SIEM and SOAR capabilities,
- Strengthen the detection capabilities in APAC, and be a member of the Global Use Case factory committee for a worldwide alignment of the use cases,
- Participate in the global continuous improvement of the framework of tools and processes for Security Incident Management, Anti-Malware/Defense and Security Detection,
- Collaborate with the APAC Business CSIRT, accountable for the Security Incident practice in APAC, to strengthen the extended security monitoring setup between Business Information Security and IT Production Security.
- Lead and manage the team of IT Production Security Investigation & Incident Response and oversee the management of the 24/7 regional IT Production SOC
- Be responsible for the security monitoring and security incident response for the regional IT production
- Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for the detection of suspicious events and the reaction to security incidents.
- Continuously improve the processes to strengthen the current SOC framework via review of policies and operational playbooks
- Steer the regional threat modeling, identification of threat vectors and development of related security monitoring capabilities
- Participate in the Use Case Committee factory to improve the detection capabilities of the Bank
- Report to global, regional and local stakeholders on the strategic and operational aspects of these activities
- Partner with the APAC Business CSIRT for integrated security monitoring and alert/incident handling operations.
- Contribute to local security incident response outside the direct scope of responsibilities (i.e. local IT production in some APAC business entities)
- Contribute to the Bank compliance with regulatory requirements and internal policies
- Contribute to the reporting of all incidents according to the Incident Management System
- Contribute to the control frameworks in day-to-day business activities, such as the Control Plan; participate in audit interviews and provide the required evidence
Competencies (Technical / Behavioral)
- Requires a minimum of 8+ years of experience as a security professional
- Excellent interpersonal and communication skills; ability to influence and motivate
- Ability to handle high-pressure situations with key stakeholders, and to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization
- Experience of performing security monitoring and incident response activities in an advanced Security Operations Center (SOC) environment (log analysis, event analysis, incident investigation, reporting)
- Experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with the concerned teams and stakeholders
- Exhaustive technical knowledge and hands-on experience in several security domains
- Thorough understanding of technologies and security concepts, with knowledge and hands-on experience in SIEM products and Security Incident Management
- Program and project management expertise
- Ability to manage a budget
- Taking initiative: be proactive and run decision-making processes autonomously
- Client focus and Results oriented: understand the business processes that IT & Security solutions provide and work on continuous enhancement
- Strategic vision: ability to develop strategic targets and to build paths to achieve them
- Communication skills: excellent communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner
- Analytical skills: interpretation of complex situations and elaboration of adapted solutions in a proactive way
- Rigor & Accuracy: focus on robust deliverables for long term achievements
- Flexibility: capacity to adapt in a fast-paced changing environment
- Successful people management experience
- Professional credentials in one of the relevant IT Security disciplines are a plus (CISSP / OSCP / SANS)
- Experience in common scripting languages such as Python, PowerShell, Bash is a plus
- Experience in SIEM on ELK stack is a plus