Cyber Security Risk Manager

**Description du poste**:
Position

We are looking for a “Cybersecurity Risk Manager” with expertise in Enterprise Cyber Risk Assessment and Cyber security controls.

You will report to the Singapore Chief Information Security Officer, who is also the Head of Information System Security (ISS) for APAC-ME

This role will focus on the Enterprise Cybersecurity Risk Assessment, ISS (Information Systems Security) controls, reporting and Project Management Office (PMO) & Regulatory tasks for ISS Department. In coordination with Paris, you will be in charge to conduct and maintain the yearly Enterprise Cybersecurity Risk Assessment for Singapore and coordinate this assessment on Asia and Middle East region.

This role requires deep understanding and experience in cybersecurity risk management, security KPI, project management and Cyber security best practices like network/architecture security, Security Operation Center (SOC)/ Security information and event management (SIEM) topics and vulnerability management and monitoring, etc.

You will work with the Credit Agricole CIB security community in ASIA but also with our other entities in the world, especially the Hubs in Paris, New-York, London.

Main Responsibilities

1. Enterprise Cybersecurity Risk Assessment

In coordination with Paris, NY, London work on a common Enterprise Cybersecurity Risk Assessment methodology
Identify cyber security risks and determine the most critical assets for the Branch with heads of business departments.
Conduct the yearly Enterprise Cybersecurity Risk Assessment for Singapore and coordinate this assessment on Asia and Middle East region region.
Help Singapore Entity to identify and prioritize areas for improvement in their cybersecurity program.
Protect the security of our information systems and data by setting policies, monitoring compliance and following defined procedures to identify, assess and manage risks from external and internal threats.
understand the legal and regulatory environment within which the business operates. Ensure that Information Security Governance arrangements are appropriate.

2. Controls

In coordination with Paris, NY, London work on a common Cybersecurity control framework and KPI set.
Maintain these KPI and ensure that all cybersecurity controls are conducted and recorded in the dedicated tool.

3. Project Management Office (PMO) & Regulatory

Help the CISO to manage and coordinate all Cybersecurity Projects.
With the CISO, coordinate for APAC-ME region the answers for all recommendations from regulators or other auditors like Internal audit, financial audit, etc.

4. Collaboration and Support

Work closely with the CISO team, with ISS network worldwide, with IT Department and all Business Lines Departments.
- Niveau d'étude minimum
Bac + 3 / L3Formation / Spécialisation
EducationBachelor’s Degree in Computer Science, Information Technology or equivalent.
Minimum of 10 years of experience in Information Security and Enterprise Cybersecurity Risk Assessment.
Knowledge of methodologies like CRI (Cyber Risk Methodology) is desirable
Professional Certifications: CRISC, SANS, CISSP, CISM, CISA, Cloud or equivalent (preferred).
Experience in the financial services sector is highly desirable, with a strong understanding of the banking regulatory environment.
Requirements
- Minimum of 10 years of experience in cybersecurity, with a focus on Enterprise Cybersecurity Risk Assessment/Management. Experience in the financial services sector is highly desirable, with a strong understanding of the banking regulatory environment.Technical Skills
- Technical proficiency in one or more of the following security areas: Identity Access Management, Privileged Access Management, network security engineering, zero trust, Internet of Things, cryptography etc. Strong understanding of SIEM, network security, incident response, and threat detection tools. Soft Skills
- Analytical mindset with the ability to identify complex security challenges and devise effective solutions. Effective written and communication skills, capable of engaging both technical and non-technical stakeholders in a clear and concise manner. Meticulous, with a proactive approach to identifying and mitigating potential security risks. Ability to work independently as well as part of a collaborative, cross-functional team.Niveau d'expérience minimum
11 ans et plus- **Entreprise Crédit Agricole CIB**: