
IT Cybersecurity Manager
2 days ago
Position Purpose
Provide a brief description of the overall purpose of the position, why this position exists and how it will contribute in achieving the teams goal.
Main ScopeRole of Wealth Management India IT Risk and Information Systems Security Manager, being understood this role includes delegations from APAC WM CISO for the team located in India territory and fully participates in overall WMIS Cybersecurity and IT Risk objectives.
Participate to IT project security reviews conducted both on a global and APAC basis across all platforms. Participate in the Security Operation meetings in APAC, EMEA & CH regions. This requires the incumbent to foster close working relationships with other business areas and IT Development/Production/CSIRT/Production Security teams.
The incumbent will work hand in hand with the IT Dev, Prod teams and the business, as an enabler and a facilitator.
Responsibilities
Direct Responsibilities
WM IT Risk and Security Manager
o Manage the WM IT Risk and Security local team in India by managing the recruitment, performances review as well as training and career-path development.
o Coordinate with APAC WM security actors, including India-based resources.
o Coordinate with APAC WM IT teams on risk and security topics, while promoting a secure development and deployment culture
o Assist for a Risk Treatment for any APAC WM issue, based on the WM GAIM generic process.
o Periodic reporting of security status to WM CISO APAC and WM Global CISO
o Contribute to the IT Risk and Cybersecurity Governance including procedural framework, Cybersecurity awareness and communication.
o Ensure the regular reporting for management follow-up
IT Security Compliance (delegation on WM APAC scope)
o Ensure the alignment with the Group and WM GAIM security policies, for both project and production assets.
o Ensure the protection of WM business data with an adequate security level of WM assets, based on project assessment and production review processes.
o Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA)
o Leveraging on a deep knowledge of Security standards such as NIST, CIS,ISO2700x , ensure the compliance with the IT security requirements
o Ensure the compliance with the Third-party Technology risks and Cloud security.
o Identify the process gaps and provide solutions.
Application Security
o Ensure the effective implementation of Secure SDL including the DevSecOps and Threat modelling practices.
o Identify and implement the latest security standards for internet facing and internal assets.
o Improve the Vulnerability Management at the application level in terms of efficiency as well as effectiveness (including Static Acceptance Security Testing SAST, Dynamic Acceptance Security Testing DAST and Software Composition Analysis SCA).
Perform Security risk assessments and reviews to be presented to respective committees.
Ensure the adequate security level for all WM GAIM applications, whatever the IT project managers location and hosting provider.
Production Security Oversight (delegation on WM APAC scope)
o Identify the production security requirements and ensure a smooth integration of WM assets within APAC IT Production, including network flow opening and Application Zoning compliance.
o Identify the compliance level of the production environment and contribute to remediation actions definition while keeping the oversight on actions progress.
o Keep an overview and ensure the adequate Vulnerability Management at the server and middleware level leveraging on production scans and liaising with relevant production stakeholders. Contribute to the management of Cybersecurity incidents.
CyberSecurity Program (delegation on WM APAC scope)
o Contribute to the steering and driving of the security initiatives on the APAC scope expected by the WM Cybersecurity Program.
Contributing Responsibilities
Coordination with IT Security actors
o Reporting line to the WM GAIM Global CISO: alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, Wholesale Application Security Dashboard)
o Coordination and control of security activities performed by APAC CIB Business Information Security and Production Security teams, including project assessment from production point of view, production security review, user security awareness for the WM scope.
o Coordination with the Swiss Security team concerning integration of WM assets within Swiss IT production.
o Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group.
Technical & Behavioral Competencies
Cybersecurity / Technical Value-added Competencies
Cybersecurity Governance: framework (NIST / CIS framework), Security incident management, Logging & Detection (SIEM ELK products)
DevSecOps: CI/CD toolchain knowledge of various tools
o Source code management: sonarQuabe, bibucket, github/gitlab
o Security application scanning (e.g. Sonatype/NexusIQ, Fortify, AppSpider, Qualys, DTR scan)
o Automation/orchestration: Ansible tower, Jenkins
Application Security: Threat modeling, Security architecture key concepts, exposure to various development framework and applicative landscape (Java/Web, Mobile applications, containerization/docker, kubernetes, API management, Cloud security)
Vulnerability Management
o Nexpose, Nessus
Ethical Hacking Knowledge
o Kali Linux knowledge (metasploit, nmap)
Specific Qualifications (if required)
Qualifications and Experience
10 years' experience in information security evaluation and design of technical architectures
Functional as well as technical knowledge of the applications used within BNP Paribas
Knowledge of the Norms and Standards of the BNP Paribas Group, in particular with respect to ITRM & Wholesale IT Security Norms and Policies
Team management experience is a must
Preferred Master level in Computer science and Information Security
Skills Referential
Behavioural Skills:
Communication skills - oral & written
Ability to collaborate / Teamwork
Decision Making
Ability to deliver / Results driven
Transversal Skills:
Ability to set up relevant performance indicators
Ability to develop and adapt a process
Ability to manage a project
Ability to develop others & improve their skills
Ability to manage / facilitate a meeting, seminar, committee, training
Education Level:
Master Degree or equivalent
Experience Level
At least 10 years
Other/Specific Qualifications (if required)
Other Value-added Competencies
Advanced IT security certifications may be advantageous (such as CISM, CCSP, CSK, CEH, CISSP).
Operational Risk and Permanent Control
Data Analytics solutions (Tableau, PowerBI) and strong expertise in Dashboard/reporting
-
Regional Cybersecurity Officer
2 days ago
Chennai, Tamil Nadu, India Valeo Full time ₹ 9,00,000 - ₹ 12,00,000 per yearMissionIn charge of Cybersecurity of one or several countries or one subsidiary ('Region'): Act as the Cybersecurity point of contact for the 'Region' Functionally manage the Sites Cybersecurity Officers Deploy the Valeo ISSP (Information Systems Security Policy) within the 'Region', assess and improvethe level of Cybersecurity of the different sites...
-
Cybersecurity Engineer
2 days ago
Chennai, Tamil Nadu, India NielsenIQ Full time ₹ 6,00,000 - ₹ 18,00,000 per yearEngineer, Cybersecurity Job Description Engineer, Cybersecurity, Pune/Chennai At NielsenIQ, we believe in turning ideas into action, collaborating as one team, and delivering results that matter. We arere looking for a Cybersecurity Engineer who shares these values — someone who brings technical expertise, curiosity, and a strong sense of ownership...
-
Engineer, Cybersecurity
3 weeks ago
Chennai, Tamil Nadu, India NielsenIQ Full timeJob DescriptionJob DescriptionEngineer, Cybersecurity, Pune/ChennaiAt NielsenIQ, we believe in turning ideas into action, collaborating as one team, and delivering results that matter. We arere looking for aCybersecurity Engineerwho shares these values someone who brings technical expertise, curiosity, and a strong sense of ownership to every challenge.In...
-
Engineer, Cybersecurity
2 days ago
Chennai, Tamil Nadu, India NielsenIQ Full time ₹ 8,00,000 - ₹ 25,00,000 per yearJob DescriptionEngineer, Cybersecurity, Pune/ChennaiAt NielsenIQ, we believe in turning ideas into action, collaborating as one team, and delivering results that matter. We arere looking for a Cybersecurity Engineer who shares these values — someone who brings technical expertise, curiosity, and a strong sense of ownership to every challenge.In this...
-
Cybersecurity Trainer
2 days ago
Chennai, Tamil Nadu, India RL Technologies Pvt Ltd Full time ₹ 9,00,000 - ₹ 12,00,000 per yearJob DescriptionWe are looking for a Cybersecurity Trainer to educate students on network security, systems protection, and threat management.Responsibilities:Deliver training on Network Security, Firewalls, IDS/IPS, VPNs, and Cloud Security.Prepare students for certifications like CompTIA Security+, CEH, CISSP, etc.Provide hands-on lab sessions and...
-
L1 Cybersecurity Engineer
4 days ago
Chennai, Tamil Nadu, India iLink Digital Full time ₹ 9,00,000 - ₹ 12,00,000 per yearRole & responsibilitiesWe are seeking a motivated L1 Cybersecurity Engineer to join our Security Operations team. The role involves monitoring, analyzing, and responding to security alerts and incidents, while supporting senior engineers in strengthening our security posture. This is an excellent opportunity for early-career professionals to build expertise...
-
VP, Cybersecurity Awareness Lead
4 weeks ago
Chennai, Tamil Nadu, India Live Connections Full timeExp : 11yrs + Bachelor's degree in Cybersecurity, Information Technology, Communications or a related field Relevant certifications (e.g. CISSP, CISA, CISM, SSAP, SANS Security Awareness Professional) are preferred Minimum 11- year experience in the financial banking industries focused on cybersecurity, information security awareness, or related roles Strong...
-
VP, Cybersecurity Awareness Lead
4 weeks ago
Chennai, Tamil Nadu, India Live Connections Full timeExp : 11yrs +Bachelor's degree in Cybersecurity, Information Technology, Communications or a related fieldRelevant certifications (e.g. CISSP, CISA, CISM, SSAP, SANS Security Awareness Professional) are preferredMinimum 11- year experience in the financial banking industries focused on cybersecurity, information security awareness, or related rolesStrong...
-
Principal Cybersecurity Consultant
1 week ago
Chennai, Tamil Nadu, India Scybers Full time ₹ 15,00,000 - ₹ 25,00,000 per yearAs an ambitious mid-career professional with 5 years of deep technical experience, you will play a crucial role in leading global CIOs and CISOs to build world-class security programs at Scybers. Your responsibilities will include: - Demonstrating proven hands-on expertise in cloud security, threat detection & response, and infrastructure management -...
-
Cybersecurity Expert
2 weeks ago
Chennai, Tamil Nadu, India BNP Paribas Full time ₹ 15,00,000 - ₹ 25,00,000 per yearPosition Purpose Cyber Innovation is a team of cybersecurity experts working on innovative topics. Our aim, as Group position, is to support the Group Production Security team and Business lines to meet security needs with Startups solutions, in order to increase the overall security maturity level. We also study innovative technologies, emergent solutions...