Cyber Incident Responder

**POSITION PURPOSE**:
APAC Production Security teams are responsible for multiple IT Security activities for BNP Paribas in Asia Pacific region, such as:
IT Production Security Governance, PMO & Risks

Network Security and Security Design & Architecture

Vulnerability & Compliance Management

IAM Production

Production CSIRT, Detection & SIEM Engineering

Production support of the Security platforms

Team is looking for Cybersecurity expert/SME in Detection Engineering & Security Investigation areas, part of Production SOC & Security Investigation & Incident Response team.

Your role will be to:
Act as reference point in team of experts on Security Incident Response activities, Anti-Malware/Defense activities and Security Detection activities,

Oversee the detection capabilities for the 24/7 regional IT Production SOC which handles the IT Production security alerts for the APAC region,

Contribute to the enhancement of SIEM and SOAR capabilities,

Strengthen the detection capabilities in APAC and be member of the Global Use Case committee for a worldwide alignment of the security use cases.

Participate to the global continuous improvement of the framework of tools and processes for Security Incident Management, Anti-Malware/Defense and Security Detection,

Collaborate with the APAC Business CSIRT, accountable for the Security Incident practice in APAC, to strengthen the extended security monitoring setup between Business Information Security and IT Production Security.

**Direct Responsibilities**

Lead technical activities (definition, R&D/threat hunting) in the team of IT Production Security Investigation & Incident Response and oversee the detection capabilities of the 24/7 regional IT Production SOC

Respond to Cyber / IT security incidents and evaluates the type and severity of security events.

Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.

Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for detection of suspicious events and reaction

Continuously improve the processes to strengthen the current SOC framework via review of policies and operational playbooks

Steer the regional threat modeling, identification of threat vectors and development of related security monitoring capabilities

Report to global regional and local stakeholders on the strategic and operational aspects of these activities

**Contributing Responsibilities**

Partner with the APAC Business CSIRT for integrated security monitoring and alert/incident handling operations.

Contribute to local security incident response outside the direct scope of responsibilities (i.e., local IT production in some APAC business entities)

Contribute to the Bank compliance with regulatory requirements and internal policies

Contribute to the reporting of all incidents according to the Incident Management System

Contribute to the control frameworks in day‐to‐day business activities, such as Control Plan; Participate to Audit interview and provide the require evidence

**Competencies**

Requires a minimum of 8+ years of experience as security professional

Excellent interpersonal and communication skills; ability to influence and motivate

Ability to handle high pressure situations with key stakeholders to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization

Experience of performing security monitoring and incident response activities in an advanced Security Operation Centers (SOC) environment (log analysis, event analysis, incident investigation, reporting)

Experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with concerned teams, stakeholders.

Exhaustive technical knowledge and hands on experience in several security domains

Thorough understanding of technologies and security concepts, with knowledge & hands on experience in SIEM Product and Security Incident Management

Program and project management expertise

Taking initiative; be proactive and run decision-making processes autonomously

Client focus and Results oriented: understand the business processes that IT & Security solutions provide and work on continuous enhancement

Strategic vision: ability to develop strategic targets and to build paths to achieve them

Communication skills: excellent communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner

Analytical skills: interpretation of complex situations and elaboration of adapted solutions in a proactive way

Rigor & Accuracy: focus on robust deliverables for long term achievements

Flexibility: capacity to adapt in a fast-paced changing environment

**Specific Qualifications**

Successful people management experience

Professional credentials in one of t