Security Expert - Vulnerability Management

BNP Paribas offers you an exciting career opportunity in an international, challenging business environment characterized by high pace and diversity with focus on creating valuable relations with our customers. We offer a competitive salary & benefits package and also an excellent work environment where you’re valued as part of our team!

About BNP Paribas in Asia Pacific ( www.apac.bnpparibas )

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 15,000 employees* and a presence in 14 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.

Worldwide, BNP Paribas has a presence in 74 countries with more than 190,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.

BNP Paribas offers you an exciting career opportunity in an international, challenging business environment characterized by high pace and diversity with focus on creating valuable relations with our customers. We offer a competitive salary & benefits package and also an excellent work environment where you're valued as part of our team!

* excluding partnerships

Position Purpose

APAC Production Security teams (based in Singapore and India) is covering multiple IT Security tasks for BNP Paribas Asia Pacific region, such as:

- Emergency Response (Production follow-up of Security Incidents in coordination with APAC CSIRT team)
- Network Security
- Vulnerability & Compliance Security scanning
- Privileged Identity Management
- Designing & Implementation of Security solutions
- Production Support of Security solutions

The team in Singapore is currently looking for an IT Security Professional, within the Security Scans teams.

The new joiner will work on Security & Compliance scans for Internet facing assets, Intranet application, Intranet servers and all infrastructures assets across Asia-Pacific.

The new joiner will not only perform day-to-day scan and follow-up of the remediation, but also onboard new assets and look into improving the reporting.
Excellent communication & presentation skills will be needed, in order to help any involved party understanding the risk.

Given the diversity of activities, the new team member will have the opportunity over time to expand his knowledge & responsibilities on the other topics managed by the teams.

Responsibilities

Direct Responsibilities

1. Perform day-to-day Security & Compliance scans; follow-up on the remediation
2. Onboard assets
3. Communicate with internal party in order to raise awareness and maintain the response time
4. Coordinate with Global teams on the Vulnerability Management topic
Contributing Responsibilities
1. Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan
2. Review and Update Vuln. Mgmt procedure
3. Contribute to Internal Audit response activities
4. Comply with regulatory requirements and internal guidelines
5. Contribute to improvement of tools used by Production Security to follow-up on the Security Incidents

Technical & Behavioral Competencies

• 2/3 year experience in IT Security minimum or 10 years in IT Application/IT Dev. side
• University degree, preferably in Computer Science with spec. in IT Security
• Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
• Curious and highly implicated in IT Security
• Team player
• Experience working in an international and complex Financial environment, dealing with both business constraints and IT users across countries
• Good knowledge of Security scanning tools is highly appreciated
• Experience in a multi-cultural environment is appreciated
• CISSP or other Security certifications are appreciated
• Experience in Development languages is appreciated