DESCRIPTION DU POSTE

Position
We are looking for a Cybersecurity Engineering Specialist with expertise in Security Engineering and Risk Management. Joining the IT Security Officer team within the Chief Information Security Officer (CISO) department, you will focus on reviewing and assessing the security of our corporate desktops, servers, infrastructure applications and networks. Your responsibilities will include policy enforcement, risk management and cyber risk assessments, ensuring alignment with internal information security policies, standards, and external regulatory requirements. This role requires a strong understanding of security best practices, knowledge in Cloud technologies, and hands-on experience with enterprise security tools and frameworks. You will collaborate with the Credit Agricole CIB security community across ASIA and with other global entities.
Main Responsibilities
1. Security Engineering
Ensure security requirements are incorporated early into the systems development lifecycle of the enterprise IT infrastructure, systems, and applications.
Ensure governance through regular review, reporting and monitoring to ensure compliance with Policies and Standards, and alignment with regulatory requirements.
Evaluate and recommend security tools, technologies, and frameworks to strengthen the security posture of the bank.
Collaborate with stakeholders including IT infrastructure, DevOps, and application teams to ensure security measures and best practices are integrated throughout the development lifecycle of financial applications and services.
Prepare RFQ and evaluation criteria, Proof of concept (POC) during product evaluation. Consulting with vendors to implement security solutions.
Stay updated on emerging security threats and proactively provide solutions to safeguard IT systems from evolving risks.
2. Governance and Risk Management
Conduct Cybersecurity Risk Assessments on IT systems and/or applications. (on-premises and cloud infrastructure).
Ensure security measures described in the risk analysis of IT projects are properly implemented.
Ensure that the audit on the Information systems has security measures in place that comply with the security policies and standards.
Identify gaps, deficiencies, or deviations on the implementation of the controls and analyse areas for improvement.
Collaborate with cross functional teams to provide evidence and insights during internal and external audits.
3. Identity and Access Management (IAM)
Ensure Identity Access Management (IAM) policies around access management such as Role-based access control (RBAC), password management, Privileged access management (PAM) comply with security policies and standards.

Please refer the Job description for details