Asset Management - Business & Information Security Manager
BNP Paribas
Hong Kong, Hong Kong, HK

Role Description and purpose

The role is a key individual that supports the proper execution of Security strategy in Asset Management business line in Asia Pacific.

It supports the application of general policies and best business practices, in accordance with BNPP guidelines and local statutory requirements.

Working within the Group Regional Security team, this individual will be the point contact for Asset Management business and technology teams within the regional security team.

Key responsibilities

  • Business Partnership - Work closely with Business in enabling user tools while maintaining security conformance to the Group control policies and guideline.
  • Participate in Business project discussions, understand project objectives and requirement, provide consultancy on ensuring security compliant, ensure Business fully understand any identified risk.

    Maintain risk acceptance inventories, perform regular monitoring and review. Coordinate with Permanent Control Team to determine the escalation requirement on security incidents and ensure proper closure of topics

  • Alignment with Global Asset Management Security - Coordinate with global teams to understand security validation status of global applications in Asset Management.
  • Ensure uniformity of digital tool usage across regions matching global control requirement. Understand the global security roadmap and align with the regional initiatives to ensure unique experience to Business.

  • Alignment with Territory IT Security in the Region Maintain good working relationship with Security organization. Escalate and track security incidents to Computer Security Incident Report Team.
  • Ensure successful deployment of Group Security strategy / projects to Asset Management.

  • Managing the IT Security topics and working closely with the regional / global teams where necessary.
  • Monitor the evolution of the regulatory framework related to securities for the AM location in Asia & work closely with stakeholders to comply with these evolving needs.
  • Other security related duties and not limited to : Support ongoing Group IT Governance Rules evolution and carry out regular IT Control Campaign.
  • Maintain IT Risk Register & drive AM APAC IT Risk Committee Following up internal and external audit findings and recommendations Participate as a player in Cybersecurity Testing mandatory required by Regulators Assist in preparing material to support regulatory filing etc

    Key Internal / External Relationships

  • Internal : Investment Teams, Dealing, Compliance, Operations, Sales, Marketing, AM Central IT / Security, Group / Bank’s IT / Security
  • External : Application / infrastructure vendors, local regulators
  • Essential qualifications & experience

  • Bachelor's Degree in Computer Engineering, Information Technology, Computer Sciences or equivalent
  • Cybersecurity professional certification either CISSP or CISM a MUST
  • Minimum 8 years working experience in Financial Services as an Information Security Officer preferably with 3 years in Asset Management
  • Active exposure interacting with business stakeholders in Asia Pacific region
  • Ability to work effectively both individually and as part of an international team and with multiple stakeholders
  • Fluent in English, Cantonese and Mandarin is a MUST
  • 报告这项工作

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通過點擊“持續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。