The bank for a changing world

We are looking for

Deputy CISO Asia (AVP)

Job type Permanent
Job Function Information technology
Brand BNP Paribas Wealth Management
Level of experience 3 to 5 years
Apply REF: WEA000533

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 17,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.

BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you’re valued as part of the team.

* excluding partnerships

Main Scope
Role of Wealth Management Deputy APAC Chief Information Security Officer, being understood this role includes delegations from APAC WM CISO.

Main Responsibilities


 Deputy APAC WM Security Manager
o Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes
o Coordinate with APAC WM security actors, including Chennai-based resources
o Coordinate with APAC WM and CIB IT teams on risk and security topics, while promoting a secure development and deployment culture
o Assist for a Risk Treatment for any APAC WM issue, based on the WM GAIM generic process
o Identify the IT security risks in advance, record and follow-up them

 Application Security
o Ensure the effective implementation of Secure SDLC
o Identify the latest security standards and make sure of their implementation
o Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness
o Perform risk assessments and reviews to be presented to respective committees
o Ensure the adequate security level for all WM GAIM applications, whatever the IT project manager’s location and hosting provider

 Production Security
o Identify the production security requirements and ensure a smooth integration of WM assets within APAC IT Production, including network flow opening and Application Zoning compliance
o Identify the compliance level of the production environment and integrate them
o Perform an adequate Vulnerability Management at the server and middleware level based on production scans


 IT security compliance
o Ensure the alignment with the Group, Wholesale and WM GAIM security policies, for both project and production assets
o Ensure the compliance with APAC regulators requirements, mainly HKMA and MAS

 CyberSecurity Program
o Steering and driving of the security initiatives on the APAC scope expected by the WM CyberSecurity Program

 Coordination with IT Security actors
o Reporting line to the WM APAC CISO: alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Wholesale Application Security Dashboard…)
o Coordination and control of security activities performed by APAC BIS and Production Security teams, including project assessment from production point of view, production security review, user security awareness for the WM scope.
o Coordination with the Swiss Security team concerning integration of WM assets within Swiss IT production
o Keeping  abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group


Essential Banking Knowledge  

  • Banking Knowledge and understanding of Wealth Management specificities 
  • International and APAC banking regulations 

Essential Technical Knowledge 

  • Program/Project Management 
  • Knowledge of standard IT Security concepts and methodologies 
  • Technical proficiency in the various Operating Systems and Databases 
  • Knowledge of state of the art technologies 
  • Knowledge of Cloud, Mobile and Virtualization Technologies 
  • Knowledge of IAM and PAM 

Essential Personal Skills

  • Communication skills – Ability to interact throughout oral and written communication skills 
  • Ability to provide an accurate reporting to the Management
  • Must be motivated, and able to work independently as well as part of a team
  • Must demonstrate ethical responsibility, maturity, and discretion

Qualifications and Experience

  •  Experience in evaluation and design of technical architectures
  •  Functional as well as technical knowledge of the applications used within BNP Paribas
  •  Knowledge of the Norms and Standards of the BNP Paribas Group, in particular with respect to ITRM & Wholesale IT Security Norms and Policies

Other Value-added Competencies

  Operational Risk and Permanent Control

Primary Location: SG-Singapore-SingaporeJob Type: Standard / PermanentJob: INFORMATION TECHNOLOGYEducation Level: Master Degree or equivalent (> 4 years)Experience Level: At least 5 years Behavioural competency: Ability to collaborate / Teamwork, Critical thinking, Ability to deliver / Results driven, Organizational skillsTransversal competency: Ability to understand, explain and support change, Ability to inspire others & generate people's commitment, Ability to develop and adapt a process , Ability to manage a project