Head of Production CSIRT
Standard / Permanent
PROCUREMENT OR SECURITY OR FACILITIES MANAGEMENT
About BNP Paribas in Asia Pacific (www.apac.bnpparibas)
In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 15,000 employees* and a presence in 14 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 74 countries with more than 190,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
BNP Paribas offers you an exciting career opportunity in an international, challenging business environment characterized by high pace and diversity with focus on creating valuable relations with our customers. We offer a competitive salary & benefits package and also an excellent work environment where you're valued as part of our team!
* excluding partnerships
APAC Production Security teams (based in Singapore and India) is covering multiple IT Security tasks for BNP Paribas Asia Pacific region, such as:
Emergency Response (Production follow-up of Security Incidents in coordination with APAC CSIRT team)
Vulnerability & Compliance Security scanning
Privileged Identity Management
Design & Implementation of Security solutions
Production Support of Security solutions
The team in Singapore is currently looking for an IT Security Team Lead for the Emergency Response team (Production CSIRT) and Logs & Detection activities.
The Team Lead will have to manage the team BAU (and be part of it), Continuous improvement and Change.
In particular, the team will have to create & maintain new technical use cases and leverage on big data / data analytics.
This work will be conducted in close collaboration with EMEA & AMER Production Security teams.
In this position, the Team Lead will interact with vendors (consultant selection, solutions…) and other security teams worldwide.
Finally, given the diversity of activities within Production Security, the new member will have the opportunity over time to expand his knowledge & responsibilities in the department.
- Manage the Team BAU on Emergency Response and Logs & Detection topics
- Manage consultant/relationship with vendors for specific Change activities / tools
- Be an active member of those activity
Build and operate Production Security use cases, in close coordination with Global Production Security teams (CSIRT/SMC) and APAC CSIRT/SMC
Provide input to the department’s management in order to enhance the information security response
Pro-actively work with Production teams in order to prevent Security Incidents & analyze actual incidents & alerts (threat hunting)
- Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan
- Review and Update Incident/Alert Management Procedure.
- Comply with regulatory requirements and internal guidelines
- Contribute to the reporting of all incidents according to the Incident Management System
- Contribute to improvement of tools used by Production Security to follow-up on the Security Incidents
- Contribute in the evolution/implementation of Incident Security procedures
Technical & Behavioral Competencies
Minimum 5 year experience in IT Security with at least one experience as a Manager
Capability to manage multi-cultural teams
Project Management experience
Other experiences in IT, preferably within large Bank/Insurance are appreciated
Master degree with a specialization in IT Security
- Excellent communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
Experience working in an international and complex Financial environment, dealing with both business constraints and IT users across countries
Experience in a multi-cultural environment is appreciated
Security certifications (CISSP, CISM, ISO27x…) are appreciated
Project Management certifications are appreciated
Security Incident Management