Business and Information Security: Computer Security Incident Response Officer
In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 15,000 employees* and a presence in 14 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 74 countries with more than 190,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
BNP Paribas offers you an exciting career opportunity in an international, challenging business environment characterized by high pace and diversity with focus on creating valuable relations with our customers. We offer a competitive salary & benefits package and also an excellent work environment where you're valued as part of our team!
* excluding partnerships
The role will conduct investigations and computer forensics for all the business entities in BNPP APAC.
The successful candidate will be able to demonstrate significant understanding of cyber security and have experience of assessment in large organizations, with experience in financial services.
- Conduct analyses related to forensic investigations, cybercrimes, and/or cyberattacks.
- Analyze security logs, monitoring logs, firewall logs and intrusion prevention system logs.
- Perform threat management and protection against threats including malware, phishing, hacking and DDoS.
- Experience conducting computer forensic analysis, maintaining chain of custody and testifying on evidence collected.
- Investigate and make recommendations to identify gaps from the incident.
- Manage projects related to cyber security investigation and forensic examination.
- Review and update the Incident Management Procedure.
- Develop and update operational playbooks, e.g. DDoS, ransomware.
- Prepare investigation reports and KPI indicators on security incidents.
- Co-ordinate and liaise with global, regional and local incident response teams.
- Co-ordinate with internal security teams for incident response.
- Assist with routine compliance and audit functions to ensure requirements are satisfied.
- Provide input to the department's management for enhancing the information security strategy.
- Stay current on security industry trends, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities.
- Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as the Control Plan.
- Comply with regulatory requirements and internal guidelines.
- Contribute to the reporting of all incidents according to the Incident Management System.
Technical and Behavioral Competencies required
- Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
- Ability to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization.
- Computer forensics experience with sound knowledge of EnCase, X-Ways and Cellebrite.
- Investigation skills required.
- Bachelor's degree in Computer Science, Information Assurance, or a related degree or equivalent experience
- At least 6 years working in a regulated environment
- Holder of an information security and forensics certificate (i.e. GIAC, CEH, EnCase) preferred