BNP Paribas offers you an exciting career opportunity in an international, challenging business environment characterized by high pace and diversity with focus on creating valuable relations with our customers. We offer a competitive salary & benefits package and also an excellent work environment where you’re valued as part of our team!
In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 17,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you're valued as part of the team.
* excluding partnerships
- Direct and control the establishment, implementation and ongoing management of the cyber security and incident response framework, which includes policies, processes and technologies
- Establish the Cyber-Defense Committees and engage representatives to ensure the business units across BNP Paribas deliver the directives set by the Global Cyber Defense Program and the APAC Management
- Influence and convince internal key stakeholders to adopt cyber security policies or invest in appropriate technology such as preventive and detective tools
- Direct and lead the team to formulate and propose strategies and alternative solutions to the Senior Management and Executives on preventing cyber-attacks and responding to cyber incidents
- Lead the team to conduct system, financial and technical feasibility studies on new tools, equipment, techniques, and methodologies; and ensure that the proposed solutions can maximize protection and optimize cost
- Drive for proactive threat management activities to minimize the likelihood of a cyber incident
- Define Key Performance and Key Risk Indicators regarding Cyber Defense activities in APAC
- Lead the Security Monitoring Center in the region and work closely with the Global Security Monitoring Center
- Drive and implement the roadmap of security incident / event monitoring activities for APAC, and align with Global objective
- Responsibility as Head of IT Security in Singapore:
- Ensures the compliance of Singapore to global, regional & local rules,
including local regulatory requirements; as well as being the privilege
contact for security topics impacting Singapore
- Partnership with Business, Organization & Methods, Compliance, IT
teams to provide feedback on the MAS annual IT questionnaire, ad hoc
circulars / guidelines / compliance assessment from MAS on request
- Participates to any security review necessary to ensure a control of the
risk level on the scope of Singapore
- As an alternative contact in ABS Standing Committee and participate to
ABS arranged discussion forums as required (remarks: Primary contact
registered in ABS is the Head of APAC Business & Information
- As the liaison person for Business & Information Security (BIS) team in
Singapore to support local Business Continuity related activities such as
call tree test update, BIA update, BCP drill, etc. Contributing Responsibilities
Technical & Behavioral Competencies
- Contribute to the Permanent Control framework for implementation of policies and procedures in day to day business activities, such as Control Plan
- Comply with regulatory requirements and internal guidelines.
- Contribute to the reporting of all incidents according to the Incident Management System
- At least 10 years of experience in the information security field with at least 5 years of experience in a management capacity and at least 3 years of experience responding to cyber incidents & managing cyber intelligence
- Track record of managing culture change and awareness related to cyber security
- Experience with network, host, and application anomalies and alerts raised by automated systems, such as SIEM, APT, end-point protection, and big data solution.
- Prior experience with critical infrastructure and system aspects of cyber security beneficial
- Familiar with MAS TRM notice and guidelines
- Strong leadership and influencing skills
- Independent, self-motivated and innovative with good problem solving, interpersonal and communication skills, and can foster teamwork
- Good business acumen, and strong experience with delivering high impact business solutions
- Regional exposure is preferred with experience working in different cultures in the Asia-Pacific region and willingness to travel as and when required
Specific Qualifications (if required)
- University degree or equivalent in IT discipline
- Professional credentials in relevant cyber security disciplines, such as CISSP, CISM or CISA, including CISSP-ISSMP, in good standing
- Current memberships and connections with leading cyber security groups in the security community
- ITIL (mandatory), Agile (optional)
- Lean Six Sigma belt ﴾optional)