Job Description

Crxc3xa9dit Agricole CIB is the corporate and investment banking arm of Crxc3xa9dit Agricole Group, the 10th largest banking group worldwide in terms of balance sheet size (The Banker, July 2022).
8,600 employees in more than 30 countries across Europe, the Americas, Asia-Pacific, the Middle-East and North Africa, support the Bank's clients, meeting their financial needs throughout the world.
Crxc3xa9dit Agricole CIB offers its large corporate and institutional clients a range of products and services in capital market activities, investment banking, structured finance, commercial banking and international trade.
The Bank is a pioneer in the area of climate finance, and is currently a market leader in this segment with a complete offer for all its clients.For more information, please visit www.ca-cib.comTwitter: https://twitter.com/ca_cib
LinkedIn: https://www.linkedin.com/company/credit-agricole-cib/By working every day in the interest of society, we are a group committed to diversity and inclusion. All our positions are open to people with disabilities.Reference 2025-96747Publication date 12/02/2025Job descriptionBusiness typeTypes of Jobs - IT, Digital et DataJob titleCyber Security Risk ManagerContract typePermanent ContractJob summaryPositionWe are looking for a Cybersecurity Risk Manager with expertise in Enterprise Cyber Risk Assessment and Cyber security controls.You will report to the Singapore Chief Information Security Officer, who is also the Head of Information System Security (ISS) for APAC-METhis role will focus on the Enterprise Cybersecurity Risk Assessment, ISS (Information Systems Security) controls, reporting and Project Management Office (PMO) & Regulatory tasks for ISS Department. In coordination with Paris, you will be in charge to conduct and maintain the yearly Enterprise Cybersecurity Risk Assessment for Singapore and coordinate this assessment on Asia and Middle East region.This role requires deep understanding and experience in cybersecurity risk management, security KPI, project management and Cyber security best practices like network/architecture security, Security Operation Center (SOC)/ Security information and event management (SIEM) topics and vulnerability management and monitoring, etc.You will work with the Credit Agricole CIB security community in ASIA but also with our other entities in the world, especially the Hubs in Paris, New-York, London.Main Responsibilities1. Enterprise Cybersecurity Risk AssessmentIn coordination with Paris, NY, London work on a common Enterprise Cybersecurity Risk Assessment methodology
Identify cyber security risks and determine the most critical assets for the Branch with heads of business departments.
Conduct the yearly Enterprise Cybersecurity Risk Assessment for Singapore and coordinate this assessment on Asia and Middle East region region.
Help Singapore Entity to identify and prioritize areas for improvement in their cybersecurity program.
Protect the security of our information systems and data by setting policies, monitoring compliance and following defined procedures to identify, assess and manage risks from external and internal threats.
understand the legal and regulatory environment within which the business operates. Ensure that Information Security Governance arrangements are appropriate.2. ControlsIn coordination with Paris, NY, London work on a common Cybersecurity control framework and KPI set.
Maintain these KPI and ensure that all cybersecurity controls are conducted and recorded in the dedicated tool.3. Project Management Office (PMO) & RegulatoryHelp the CISO to manage and coordinate all Cybersecurity Projects.
With the CISO, coordinate for APAC-ME region the answers for all recommendations from regulators or other auditors like Internal audit, financial audit, etc.4. Collaboration and SupportWork closely with the CISO team, with ISS network worldwide, with IT Department and all Business Lines Departments.Position locationGeographical areaAsia, SingaporeCitySingapourCandidate criteriaMinimal education levelBachelor Degree / BSc Degree or equivalentAcademic qualification / SpecialityEducationBachelor's Degree in Computer Science, Information Technology or equivalent.
Minimum of 10 years of experience in Information Security and Enterprise Cybersecurity Risk Assessment.
Knowledge of methodologies like CRI (Cyber Risk Methodology) is desirable
Professional Certifications: CRISC, SANS, CISSP, CISM, CISA, Cloud or equivalent (preferred).
Experience in the financial services sector is highly desirable, with a strong understanding of the banking regulatory environment.Level of minimal experience11 years and moreExperienceRequirementsxc2xb7 Minimum of 10 years of experience in cybersecurity, with a focus on Enterprise Cybersecurity Risk Assessment/Management. Experience in the financial services sector is highly desirable, with a strong understanding of the banking regulatory environment.Technical Skillsxc2xb7 Technical proficiency in one or more of the following security areas: Identity Access Management, Privileged Access Management, network security engineering, zero trust, Internet of Things, cryptography etc.xc2xb7 Strong understanding of SIEM, network security, incident response, and threat detection tools.Soft Skillsxc2xb7 Analytical mindset with the ability to identify complex security challenges and devise effective solutions.xc2xb7 Effective written and communication skills, capable of engaging both technical and non-technical stakeholders in a clear and concise manner.xc2xb7 Meticulous, with a proactive approach to identifying and mitigating potential security risks.xc2xb7 Ability to work independently as well as part of a collaborative, cross-functional team.

Crxc3xa9dit Agricole