Vice President, IT Operational Security Manager
SG CIB
Hong Kong
5天前

Environment

SG CIB is the Corporate and Investment Banking arm of the Société Générale Group. Present in over 50 countries across Europe, the Americas and Asia.

SG CIB provides corporate, financial institutions, investors and public sector clients with value-added integrated financial solutions.

Primary Objectives

In alignment with the Head of Security and Anti-Fraud Expertise (SAFE) Information Security, Asia Pacific to ensure Global Banking & Investor Solutions’ (GBIS) Information Risk & Security coverage strategy.

This role acts as a subject expert and part of the regional team managing Cybercrime, Application Security, Identity Management, Technical surveillance and response to Security Incidents.

In specifics of areas coverage includes :

  • Contribute to projects initiated by Paris head office or the regions
  • Handling of regulators across the region as well as lateral peer groups including Computer Security, Human Resources, Legal, Compliance and front office.
  • Where required, the candidate will assist in senior management meetings and communication.

    Participation in Committees

  • Participate to the regular functional meeting with the global and aligned team
  • Participate to the stand-up delivery meeting every morning, (Incident related) Participate to the weekly Incident Review meeting of Security and Anti-
  • Fraud Expertise (SAFE) department in Asia

  • Participate on need basis to global forums (Control Review Board, global Security Incidents, Investigations, tool related meetings)
  • Participate to the IT partner projects kick-off meeting (aka routing meeting )
  • Profile

    Key Skill Areas & Knowledge Required

  • Strong understanding of I.T. infrastructure and I.T. applicative framework architectures
  • Strong background of Information and Computer Security
  • I.T Production awareness and ability to understand complex issues quickly and set priorities according to technical as well as strategic considerations
  • Excellent English verbal and written communication skills, experience of influencing at senior organizational levels, up to and including MD level
  • Sense of service; results orientation; reactivity
  • Innovative and bringing new ideas to improve processes
  • Perform software security testing at a unit, functional, and system wide level
  • Risk Assessment
  • Assess application criticality and to ensure security reviews are professionally managed, in accordance with existing application security policies and standards
  • Perform information security risk assessments which includes project review, assessment of offshoring agents and services, security exception management, ad hoc spot checks of risky areas as well as other security controls
  • Incident Response / Investigation

  • Manage the investigation function regionally, by executing sensitive enquiries relating to Information Security breaches (and fraud, when required) in the region
  • This will involve working across various stakeholder groups, including control functions and law enforcement. Also included is the management of the Bank’s cyber attack response protocol and following up on other suspicious activity generated by the detection system
  • Remediation / Awareness

  • Provide Information and Cyber Security training to our business partners to reinforce the information security awareness knowledge and mindset
  • Put Cyber criminality and protection awareness at the heart of the relationship with peers and partners
  • Projects / Regulation

  • Contribute to projects initiated by Paris head office or the regions
  • Handling of regulators across the region as well as lateral peer groups including I.T. Security, Human Resources, Legal, Compliance and front office.
  • Where required, the candidate will assist in senior management meetings and communication

  • Contact point for regulatory requirements review and discussion
  • Participation in Committees

  • Regional and global governance meetings and normative committees where required
  • Regular governance committee between SAFE and other Technology teams in Asia
  • Daily team stand-up meeting
  • Regular operational committee of integration projects
  • Participation of various IT initiatives, e.g. Digital Transformation program
  • Qualifications

  • Bachelor Degree in Information Technology or equivalent
  • Professional qualification such as ITIL, CISM, CISSP
  • Seasoned professional with exposure to IT and Information Security regulations
  • Experience in normative security
  • Excellent communication skills and fluent in English
  • Experienced Security Expert with a minimum of 10 years of experience
  • 申請
    申請
    郵箱地址
    通過按一下 "繼續 ", 您同意 neuvoo 收集並處理您在本表單中提供的個人資料, 以創建 neuvoo 帳戶並根據我們的 隱私政策 訂閱您的電子郵件通知。您可以在任何時候撤回您的同意, 通過以下 這些步驟
    持續
    申請表格