Cyber Security Expert

Wealth Management is looking for a candidate with minimum of 3 years experience in Application Security and Cyber Security Incident Management

Candidate will participate to IT project security reviews conducted on a global basis across all platforms. This requires the incumbent to foster close working relationships with other business areas and IT Development / Production teams.

The incumbent will work hand in hand with the IT Dev Prod teams and the business as an enabler and a facilitator.

The candidate will be member of WM IT Security Operations team and will report hierarchically to WM CISO EMEA and functionally to Head of WM IT Security Operations. She/he will work with various stakeholders located in Singapore Chennai Switzerland and Paris.

Certification (not mandatory but strongly recommended): CISM CCSP CSK CEH CISSP                                                                                                                                       

Main Tasks:

• APPLICATION SECURITY

Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices.

Identify and implement the latest security standards for internet facing and internal assets

Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing SAST Dynamic Acceptance Security Testing DAST and Software Composition Analysis SCA).

Perform Security risk assessments and reviews to be presented to respective committees

Ensure the adequate security level for all WM GAIM applications whatever the IT project managers location and hosting provider

• IT SECURITY COMPLIANCE

Ensure the alignment with the Group and WM GAIM security policies for both project and production assets

Ensure the protection of WM business data with an adequate security level of WM assets based on project assessment and production review processes

Ensure the compliance with regulatory bodies requirements including for APAC (HKMA MAS FSC) EU (DORA) Switzerland (FINMA)

Leveraging on a deep knowledge of Security standards such as NIST CIS ISO2700x ensure the compliance with the IT security requirements

Ensure the compliance with the Third-party Technology risks and Cloud security

Identify the process gaps and provide solutions

• CYBER SECURITY

Ensure the coordination with other IT security or other actors in the region or globally

Assist for a Risk Treatment for any WM issue based on the processes

Identify the IT security risks in advance record and follow-up them

Define and contribute to processes from cybersecurity perspective

Periodic reporting of security status to WM IT Domain Head and security champion

Ensure the regular reporting for management follow-up

Handle Cyber alerts & Incident by investigating and following with handlers until the issue is closed.

Ensure to onboard the Assets & Applications in SIEM and handling BAU create / update relevant documents.

• PRODUCTION SECURITY

                Ensure the effectiveness and success of vulnerability management process
                Ensure the compliance level of the production environment and integrate to reporting 

Qualifications :

Technical Skills:

• Application Security
• IT Security Compliance
• Cyber Security Incident Management
• Vulnerability Management                                       

Language Skills

• English                      

Soft Skills:

• Ability to deliver / Results driven
• Be Proactive
• Communication
• Data Analytic
• Knowledge of Bank Sector        

Remote Work :

No

Employment Type :

Full-time