Cyber Security Expert

Company Description

Inetum is a European leader in digital services. Inetum’s team of 28,000 consultants and specialists strive every day to make a digital impact for businesses, public sector entities and society. Inetum’s solutions aim at contributing to its clients’ performance and innovation as well as the common good.

Present in 19 countries with a dense network of sites, Inetum partners with major software publishers to meet the challenges of digital transformation with proximity and flexibility.

Driven by its ambition for growth and scale, Inetum generated sales of 2.5 billion euros in 2023.

Job Description

Wealth Management is looking for a candidate with minimum of 3 years' experience in Application Security and Cyber Security Incident Management

Candidate will participate to IT project security reviews conducted on a global basis across all platforms. This requires the incumbent to foster close working relationships with other business areas and IT Development / Production teams.

The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator.

The candidate will be member of WM IT Security Operations team and will report hierarchically to WM CISO EMEA and functionally to Head of WM IT Security Operations. She/he will work with various stakeholders located in Singapore, Chennai, Switzerland and Paris.

Certification (not mandatory but strongly recommended): CISM, CCSP, CSK, CEH, CISSP

Main Tasks

• APPLICATION SECURITY
  
  

Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices.

Identify and implement the latest security standards for internet facing and internal assets

Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing – SAST, Dynamic Acceptance Security Testing – DAST and Software Composition Analysis – SCA).

Perform Security risk assessments and reviews to be presented to respective committees

Ensure the adequate security level for all WM GAIM applications, whatever the IT project manager’s location and hosting provider

• IT SECURITY COMPLIANCE
  
  

Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets

Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes

Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS, FSC), EU (DORA), Switzerland (FINMA)

Leveraging on a deep knowledge of Security standards such as NIST, CIS, ISO2700x, ensure the compliance with the IT security requirements

Ensure the compliance with the Third-party Technology risks and Cloud security

Identify the process gaps and provide solutions

• CYBER SECURITY
  
  

Ensure the coordination with other IT security or other actors in the region or globally

Assist for a Risk Treatment for any WM issue, based on the processes

Identify the IT security risks in advance, record and follow-up them

Define and contribute to processes from cybersecurity perspective

Periodic reporting of security status to WM IT Domain Head and security champion

Ensure the regular reporting for management follow-up

Handle Cyber alerts & Incident by investigating and following with handlers until the issue is closed.

Ensure to onboard the Assets & Applications in SIEM and handling BAU, create / update relevant documents.

• PRODUCTION SECURITY
  
  

Ensure the effectiveness and success of vulnerability management process

Ensure the compliance level of the production environment and integrate to reporting

Qualifications

Technical Skills:

• Application Security
• IT Security Compliance
• Cyber Security Incident Management
• Vulnerability Management
  
  

Language Skills

• English
  
  

Soft Skills

• Ability to deliver / Results driven
• Be Proactive
• Communication
• Data Analytic
• Knowledge of Bank Sector