Cyber Security Forensic Incident Response Manager - VP
In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 17,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you’re valued as part of the team.
* excluding partnerships
The role will conduct cyber forensic investigations and manage cyber incident response officers, specifically on e-fraud cases, for all the business entities in BNPP Asia Pacific.
The successful candidate will be able to demonstrate a state-of-the-art understanding of cyber security, out-of-the-box thinking, relevant experience in managing a multicultural team across a large geography, and sound, demonstrated experience in large organizations in the financial industry.
* Manage the team of professionals across the Asia Pacific region, on both the Cyber Incident Response and Digital Forensics aspects
* Manage the program delivery around Incident Response and Forensics maturity aspects
* Enrich the Forensic service catalogue with Fraud forensic investigations for BNP Paribas Asia Pacific
* Build the Forensic Investigation framework to deliver Forensic service to the APAC BNP Paribas métier and business such as: Compliance, Legal, Operational Risk Control
* Test, implement and deploy Forensic tools and technologies to deliver the expected catalogue of services for the business lines and métiers
* Conduct analyses related to forensic investigations, cybercrimes, and/or cyberattacks from internal and external threat actors.
* Develop processes to enable forensic investigations and evidence to be court-admissible
* Perform threat management and protection against threats including malware, phishing, hacking and DDoS
* Experience conducting computer forensic analysis, maintaining chain of custody and testifying on evidence collected.
* Investigate incidents and provide recommendations to identify gaps from the incident.
* Review and update the Incident Management Procedure.
* Develop and update operational playbooks, e.g. DDoS, ransomware
* Prepare investigation reports and KPI indicators on security incidents.
* Coordinate and liaise with global, regional and local incident response teams.
* Coordinate with internal security teams for incident response.
* Assist with routine compliance and audit functions to ensure requirements are satisfied. Provide input to the department’s management for enhancing the information security strategy. Stay current on security industry trends, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities.
* Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan
* Comply with regulatory requirements and internal guidelines.
* Contribute to the reporting of all incidents according to the Incident Management System.
Technical and Behavioral Competencies required
* At least 10 years of experience leading a team in the information systems field (ideally LOD1 / cyber or information security), with at least 5 years of experience working with or as part of a Cyber Security team.
* Formal training and experience in intelligence analysis or targeting / collections management preferred
* Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner
* Prior experience as part of a security operations or incident response organization extremely beneficial
* Regional exposure is preferred with experience working in different cultures in the Asia-Pacific region
* Experience in common scripting languages such as Python, Ruby, Lua, PowerShell or Bash
* Strong understanding of common security products and technologies utilized in enterprise environments (proxies, WAF, firewalls, IDPS, anti-malware, endpoint, etc.)
* Understanding of the OSI stack and the various protocols from layers 1 to 7, including SNMP, HTTP, VPN, DNS, etc.
Experience and Qualifications required
* Bachelor’s degree in Computer Science, Information Assurance, or a related degree or equivalent experience.
* At least 10 years of relevant working experience; an industry-recognized certificate (ITIL) and a security certification (CISSP, CISM) are mandatory.
* Holder of an Information Security and Forensics certificate (i.e. GIAC, CCME, CEH, EnCase) preferred