IT Security Officer Ref 60032 H/F
Crédit Agricole CIB est la banque de financement et d'investissement du groupe Crédit Agricole, 10ème groupe bancaire mondial en taille de bilan 2021 (The Banker, juillet 2022).
Près de 8600 collaborateurs répartis dans plus de 30 implantations en Europe, Amériques, Asie-Pacifique, Moyen-Orient et Afrique du Nord, accompagnent les clients de la Banque dans la couverture de leurs besoins financiers à travers le monde.
Crédit Agricole CIB propose à ses clients grandes entreprises et institutionnels une gamme de produits et services dans les métiers de la banque de marchés, de la banque d'investissement, des financements structurés, de la banque commerciale et du commerce international.
Pionnier dans le domaine de la finance Climat, la Banque occupe aujourd'hui une position de leader sur ce segment avec une offre complète pour l'ensemble de ses clients.
La majorité des postes est éligible au télétravail dans les conditions prévues par notre accord reposant sur le double volontariat (collaborateur & manager) et après une période d'intégration réussie.
Crédit Agricole CIB s'engage en faveur de l'insertion des personnes en situation de handicap, ainsi ce poste est ouvert à toutes et à tous.
Pour plus d'information : www.ca-cib.fr
Twitter : https://twitter.com/ca_cib
LinkedIn : http:///company/credit-agricole-cib/
Position
IT Security Officer (ITSO)
IT Security Officer role is responsible for managing and supervising Information Technology Security matters for the Bank in Singapore and ensuring that the execution of Information Security activities are in alignment with Banks' Security Policy and Standards. Person is also in charge of coordination of operational security of Information Systems, conducting Cyber Security Risk Assessment and ensuring effective management of IT Security initiatives in Singapore.
Main Responsibilities (not limited to)
Information Systems in Singapore are in alignment with Groups' Security Policies and Standards;
Develop, contribute and establish local Security Policies, guidelines, standards and processes (as applicable) in conformance to Group's Information System Security Policies, Governance Texts and local regulatory requirements.
Conducting Information Security (Cyber) risk assessments to identify Cyber risks, develop and maintain adequate and comprehensive mitigation and deliver subsequent corrective actions when KPI results are unsatisfactory.\
Advising business teams, technology teams and leadership on implementing cyber security best practices for managing cyber and technology risks.
Maintaining oversight on Key Cyber risk/IT Security indicators in scope;
Maintaining oversight on the deployment of various Security Programs and projects running for the bank in the region.
Coordinate studies on security requirements for implementing new IT Security solutions and provide consultation support on IT infrastructures and Applications teams
Ensuring all Security related requests and derogations are reviewed and granted based on Security Risk Assessments;
Ensuring the Vulnerabilities under the perimeter are managed and mitigated as per the defined Vulnerability Management Process;
Assist and recommend the Local IT teams to define and implement remediation actions plans derived from audits or security reviews.
Follow up on IT security related audit recommendation action plans falling under SG or other entities
Maintain and Publish the Security Dashboard for Singapore for the Security KPIs;
Supporting the IT Permanent Controls team and CLSi function on technical matters related to IT Security topics;
Ensuring technical security projects for the region are
properly taken into account and effectively delivered;
Accompanying local IT teams in technical security topics where Security expertise and advices could BE needed, to ensure proper implementation of standards and best practices;
Acting as an entry point for all technical security related matters to assess the overall Information Systems Security;
Raising operational security needs or constraints, or local constraints, proposing solutions and possible adaptations of standards in case they cannot cover a precise local requirement (for example due to a local regulation);