Cyber Security Expert
Cyber Security Expert
Contrato sem Termo
Mission
Wealth Management is looking for a candidate with minimum of 3 years' experience in Application Security and Cyber Security Incident Management
Candidate will participate to IT project security reviews conducted on a global basis across all platforms. This requires the incumbent to foster close working relationships with other business areas and IT Development / Production teams.
The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator.
The candidate will be member of WM IT Security Operations team and will report hierarchically to WM CISO EMEA and functionally to Head of WM IT Security Operations. She/he will work with various stakeholders located in Singapore, Chennai, Switzerland and Paris.
Certification (not mandatory but strongly recommended): CISM, CCSP, CSK, CEH, CISSP
Main Tasks:
- APPLICATION SECURITY
Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices.
Identify and implement the latest security standards for internet facing and internal assets
Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing – SAST, Dynamic Acceptance Security Testing – DAST and Software Composition Analysis – SCA).
Perform Security risk assessments and reviews to be presented to respective committees
Ensure the adequate security level for all WM GAIM applications, whatever the IT project manager’s location and hosting provider
- IT SECURITY COMPLIANCE
Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets
Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes
Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS, FSC), EU (DORA), Switzerland (FINMA)
Leveraging on a deep knowledge of Security standards such as NIST, CIS, ISO2700x, ensure the compliance with the IT security requirements
Ensure the compliance with the Third-party Technology risks and Cloud security
Identify the process gaps and provide solutions
- CYBER SECURITY
Ensure the coordination with other IT security or other actors in the region or globally
Assist for a Risk Treatment for any WM issue, based on the processes
Identify the IT security risks in advance, record and follow-up them
Define and contribute to processes from cybersecurity perspective
Periodic reporting of security status to WM IT Domain Head and security champion
Ensure the regular reporting for management follow-up
Handle Cyber alerts & Incident by investigating and following with handlers until the issue is closed.
Ensure to onboard the Assets & Applications in SIEM and handling BAU, create / update relevant documents.
- PRODUCTION SECURITY
Ensure the effectiveness and success of vulnerability management process
Ensure the compliance level of the production environment and integrate to reporting
Perfil
Technical Skills:
- Application Security
- IT Security Compliance
- Cyber Security Incident Management
- Vulnerability Management
Language Skills
- English
Soft Skills:
- Ability to deliver / Results driven
- Be Proactive
- Communication
- Data Analytic
- Knowledge of Bank Sector
Organização
Inetum is a European leader in digital services. Inetum’s team of 28,000 consultants and specialists strive every day to make a digital impact for businesses, public sector entities and society. Inetum’s solutions aim at contributing to its clients’ performance and innovation as well as the common good.
Present in 19 countries with a dense network of sites, Inetum partners with major software publishers to meet the challenges of digital transformation with proximity and flexibility.
Driven by its ambition for growth and scale, Inetum generated sales of 2.5 billion euros in 2023.