Information Technology Security Engineer

ICT Security Operations Analyst

Who we are

Crédit Agricole Corporate and Investment Banking (Crédit Agricole CIB) is the corporate and investment banking arm of Crédit Agricole Group, world’s 12th largest bank by total assets.

• Our Singapore center (“ISAP” or “Information Systems Asia Pacific”) is the 2nd largest IT setup (after Paris Head Office)” for Crédit Agricole CIB's worldwide business. We work daily with international branches located in 30 markets by:

- Envisioning and preparing the Bank’s futures information systems

- Partnering and supporting core banking flagships and transverse areas in their large scale development projects.

- Providing premium In-house Banking applications,

• This unique positioning empowers us to bring our core banking business a sustainable competitive advantage on the market.
• We seek innovative and agile people sharing our mindset to support ambitious and forthcoming technological challenges.

Department Overview

ISAP IT Production Centre is an offshore delivery center managing IT Operations (RUN) for Paris, London and Asia. With over 250 people, it constitutes one of two main hubs for CA-CIB IT production teams. This setup is operated in partnership with a Service Provider, who provides most resources on site.

ISAP IT Production Centre is split in 4 departments covering the following aspects:

• INFRA: core infrastructure- systems and network services
• APS: application technical support
• Middleware: Data services and Middleware services
• End-user & Transverse: End-user Services and Transversal activities, including Control Tower, Global Operations Center and Data Security Services.

Job Summary

The cyber Security Engineer is a Level-2 position responsible cybersecurity operational support and maintaining our organization’s network security infrastructure. He/She supports day-to-day cybersecurity operational activities including Incident handling, Firewall flow management, proxy management, Remote access support, IP/VPN support, vulnerabilities remediation etc. He/She also support on LANs, WANs, and VPNs. He also determines the efficacy and efficiency of routers, firewalls, IPS, proxies, load balancers to ensure its optimal functionality.

Responsibilities

• Production Level 2 support for Network and Security infrastructure.
• Handling Incident, Request and change management.
• Vulnerability remediation.
• Knowledge management
• Hardening of network security infrastructure.
• Maintains documentation of security SOP and procedures.
• Gaining a total understanding of the organization’s technology and information systems
• Support for Network security project implementations.
• Network Security IT assets / CMDB management, including routers, firewalls, local area networks (LANs), wide-area networks (WANs), virtual private networks (VPNs), and any other related network devices
• Prepare and Installation of all firewalls, VPN, routers, servers, and IDS scanning technologies
• Providing technical guidance and supervision for Level 1 security teams
• Taking charge of any security awareness programs and educational efforts to better prepare non-IT personnel
• Responding immediately to any security-related incidents (e.g., data breaches, viruses, phishing scams)
• Updating and upgrading the organization’s security systems as needed
• DNS/DHCP management

Legal and Regulatory responsibilities:

• Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer/Compliance Officer.
• Maintain appropriate knowledge to ensure to be fully qualified to undertake the role.
• Complete all mandatory training as required to attain and maintain competence.

Qualifications and Profile

• Minimum 06 years of experience in managing IT systems environment with about 02 years of experience in financial institutes.
• Or minimum 3 years’ of work experience as a Cybersecurity support Engineer.
• Good understanding of Network topology (LAN/WAN/MAN/VPN)
• Good understanding of Network Security ( Encryption, Certificate, Kerberos etc )
• Knowledge and/or hands on working experience with emerging technologies.
• Excellent communication, interpersonal and logical skills.
• Customer service oriented and a strong team player.
• Ability to work under pressure and a commitment to solving issues.

Technology / Product Experience:

Cisco

ACI, Nexus, Catalyst, DNAC, ISE , iOS, NXOS

Arista

Switches, EOS

Fortinet

Firewall, IPS

F5

LTM, ASM, APM , TMOS

Infoblox

DNS, DHCP

Skyhigh

Proxy

Ivanti

Remote access

Checkpoint

Firewall, MDS

Trendmicro

IPS/IDS

Technology / Product Experience:

Programming

Python/Bash/Ansible

Tools

Wireshark/Tshark/Netflow

Work Schedule

• Required to work on Paris and/or New York and/or Asia time zone*, i.e. 2pm to 11pm/4pm to 1am (summer season) or 3pm to 12am/ 5pm to 2am (winter season), or in accordance to the planned time schedule as required. If necessary, you may also be required to start work earlier or to extend working hours.
• May be required to be available for on-call support during non-business hours and/or on weekends. Allowance is claimable for such hours.

Education Requirements

At least a Bachelor’s degree in any of these faculties:

• Computer Science
• Information Technology
• Programming & Systems Analysis
• Science (Computer Studies)