Entity
About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)
Crédit Agricole CIB is the corporate and investment banking arm of Crédit Agricole Group, the 10th largest banking group worldwide in terms of balance sheet size (The Banker, July 2022).
8,600 employees in more than 30 countries across Europe, the Americas, Asia-Pacific, the Middle-East and North Africa, support the Bank's clients, meeting their financial needs throughout the world.
Crédit Agricole CIB offers its large corporate and institutional clients a range of products and services in capital market activities, investment banking, structured finance, commercial banking and international trade.
The Bank is a pioneer in the area of climate finance, and is currently a market leader in this segment with a complete offer for all its clients.
For more information, please visit www.ca-cib.com
Twitter: https://twitter.com/ca_cib
LinkedIn: https://www.linkedin.com/company/credit-agricole-cib/
By working every day in the interest of society, we are a group committed to diversity and inclusion. All our positions are open to people with disabilities.
Reference
2024-88920
Update date
22/04/2024
Position
IT Security Officer (ITSO)
IT Security Officer role is responsible for managing and supervising Information Technology Security matters for the Bank in Singapore and ensuring that the execution of Information Security activities are in alignment with Banks’ Security Policy and Standards. Person is also in charge of coordination of operational security of Information Systems, conducting Cyber Security Risk Assessment and ensuring effective management of IT Security initiatives in Singapore.
Main Responsibilities (not limited to)
- Information Systems in Singapore are in alignment with Groups’ Security Policies and Standards;
- Develop, contribute and establish local Security Policies, guidelines, standards and processes (as applicable) in conformance to Group’s Information System Security Policies, Governance Texts and local regulatory requirements.
- Conducting Information Security (Cyber) risk assessments to identify Cyber risks, develop and maintain adequate and comprehensive mitigation and deliver subsequent corrective actions when KPI results are unsatisfactory.\
- Advising business teams, technology teams and leadership on implementing cyber security best practices for managing cyber and technology risks.
- Maintaining oversight on Key Cyber risk/IT Security indicators in scope;
- Maintaining oversight on the deployment of various Security Programs and projects running for the bank in the region.
- Coordinate studies on security requirements for implementing new IT Security solutions and provide consultation support on IT infrastructures and Applications teams
- Ensuring all Security related requests and derogations are reviewed and granted based on Security Risk Assessments;
- Ensuring the Vulnerabilities under the perimeter are managed and mitigated as per the defined Vulnerability Management Process;
- Assist and recommend the Local IT teams to define and implement remediation actions plans derived from audits or security reviews.
- Follow up on IT security related audit recommendation action plans falling under SG or other entities
- Maintain and Publish the Security Dashboard for Singapore for the Security KPIs;
- Supporting the IT Permanent Controls team and CLSi function on technical matters related to IT Security topics;
Ensuring technical security projects for the region are - properly taken into account and effectively delivered;
- Accompanying local IT teams in technical security topics where Security expertise and advices could be needed, to ensure proper implementation of standards and best practices;
- Acting as an entry point for all technical security related matters to assess the overall Information Systems Security;
- Raising operational security needs or constraints, or local constraints, proposing solutions and possible adaptations of standards in case they cannot cover a precise local requirement (for example due to a local regulation);
Degree and above relevant discipline
Candidate Profile
- Must have a minimum 10 years of relevant experience in IT Security domain;
- Must be a bachelors/masters/engineering graduate or equivalent technical degree in Information Technology or Computer Science;
- Must have knowledge of different domains of Information Security;
- Must have prior hands-on experience in governance, managing and operating the Information System Security;
Should have experience in working in first and second line of Cyber defense; - Must have experience in conducting Cybersecurity Risk Assessments, security reviews of IT Projects;
- Must have experience in Security Exceptions management
Ability to apply risk based approach while working on assigned responsibilities; - Experience in defining, implementing, and enforcing enterprise-level Information Security Policies
- Excellent in analytical, communication and documentation skills;
- Must have strong understanding of ITIL processes and comfortable working in process oriented environment;
- Should have time management skills and able to manage work in fast moving environment;
- Should have excellent written and oral English language skills;
Professional Certifications :
- CISSP certification is must
- Any other IT Security or Cyber Risk related certifications are desirable
Work Schedule
- Work Hours: 8.45a.m. to 6. 30p.m (Monday to Friday) with one-hour lunch break.