資訊安全部 Head of Security & IT Governance

Responsibilities 

The missions of the Local Security Officer cover all the major security activities for Information systems security (ISS):

• Ensures proper IT & Security Governance / Management / Control plan execution
• Local Data Protection Correspondent intervenes on behalf of DPO.
• Be the Head Office (HO) correspondent 
• Reporting on Taiwan Vie Cardif Cyber Security to Entity, HO and Group
• Implements Group, Cardif and APAC Security framework.
• Supports business in the definition of the Security requirements.
• Setting up a Cyber Security network and communicating the vision
• Performs regular Security review.
• Ensure that decisions / projects are taken / launched with the appropriate level of security or security awareness.
• Ensure proper implementation of Identity Access Management (IAM).
• Ensure proper security awareness level of the organization.
• Ensure regular communication / update with regional and head office teams.
• Ensure proper management and optimization of security professionals placed under his/her responsibility.
• To support and monitor Business Continuity and IT Continuity and collaborate with the Corporate, Regional, Country and APAC Continuity teams.
• Ensuring compliance with the Security requirements of the policy framework.
• Promoting security risk prevention as part of BNP Paribas Cardif ISS activities.
• Boosting the performance of security procedures and optimizing the related costs.
• Carrying out surveillance and monitoring to anticipate Cyber Security risks linked to the technologies used at the entity
• Ensuring that security aspects are integrated into the entity’s project management process by introducing appropriate information security policies and practices
• Working with the entity’s procurement and legal departments to ensure that information security obligations are included in agreements with third parties
• Assisting with and managing Cyber crises
• Leading and supervising the security of customer data and the Taiwan Vie Cardif data and IT asset

Business Knowledge

• IT security, cybersecurity and Digital Knowledge & Culture
• Possess more than 15 years of information systems security related experience and 5 years in management position.
• Possess a minimum of 5 years of insurance industry experience is a plus.

Technical Experience / Competencies

• Demonstrable competency in IT security strategic planning, project management and budget control.
• Good English oral and written communication skills is expected.
• Well understanding regulatory requirements
• Analytical Ability
• Ability to anticipate business / strategic evolution,  to understand, explain and support change, Ability to inspire others & generate people’s commitment, Ability to develop others & improve their skill

Behavioral Competencies

• Aptitude in decision-making and problem-solving
• Actively contribute to security strategies through multi-stakeholder management
• Strong leadership; people development and teamwork skills.
• Impact / Ability to influence, Proactivity, Resilience, Creativity and innovation / Problem solving, Decision Makin
• Communication Skills - Oral & Written