Cyber Security Incident Response and Forensics

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 18,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships..

Worldwide, BNP Paribas has a presence in 68 markets with more than 193,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
- excluding partnerships

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

**Position Purpose**:
**Responsibilities**

**Direct Responsibilities**
- Lead the security incident management in piloting the remediation and/or mitigation actions end-to-end.
- Perform Investigation and recommendations to identify gaps from the incident.
- Manage projects related to cyber security investigation and forensic examination.
- Review and Update Incident Management Procedure.
- Develop and Update operational playbook e.g. DDOS, ransomware, malware, intrusion.
- Prepare investigation report and KPI indicator on security incidents.
- Co-ordinate and liaise with global, regional and local incident response team across Information Technology and wider groups.
- Co-ordinate with various internal security teams for incident response.
- Advise and assist APAC Security Monitoring Centre to sharpen their playbook and procedures
- Assist with routine compliance and audit functions to ensure requirements are satisfied.
- Provide input to the department’s management for enhancing the information security strategy.
- Stay current on security industry trends, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities.
- Enrich the Forensic service catalogue with Fraud forensic investigations for BNP Paribas Asia Pacific
- Test, implement and deploy Forensic tools and technologies to deliver the expected catalogue of services for the business lines and métiers
- Conduct analysis related to forensic investigations, cybercrimes, and/or cyberattacks from inside and external threat actors.
- Perform threat management and protection against threats including malware, phishing, hacking and DDoS

**Contributing Responsibilities**:

- Participate and drive initiatives to enhance existing operational procedures to streamline and improve the cybersecurity controls
- Enhance Forensic Investigation framework to deliver Forensic service to the APAC BNP Paribas métier and business such as: Compliance, Legal, Operational Risk Control
- Develop processes to enable forensic investigations and evidence to be court-admissible
- Experience conducting computer forensic analysis, maintaining chain of custody and testifying on evidence collected.

**Technical & Behavioral Competencies**:

- Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
- Ability to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization.
- Team player
- Investigation mindset and skill required.
- Ability to think like a threat actor to defend against cyber attacks

**Specific Qualifications (if required)**:

- Bachelor’s degree in Computer Science, Information Assurance, or a related degree or equivalent experience.
- At least 5 years of relevant working experience, with relevant Cybersecurity certification.
- Holder of information Security and Forensics Certificate (i.e. GIAC, CCME, CEH, Encase) preferred.