Job Description

Cr\xc3\xa9dit Agricole CIB is the corporate and investment banking arm of Cr\xc3\xa9dit Agricole Group, the 10th largest banking group worldwide in terms of balance sheet size (The Banker, July 2022).
8,600 employees in more than 30 countries across Europe, the Americas, Asia-Pacific, the Middle-East and North Africa, support the Bank\'s clients, meeting their financial needs throughout the world.
Cr\xc3\xa9dit Agricole CIB offers its large corporate and institutional clients a range of products and services in capital market activities, investment banking, structured finance, commercial banking and international trade.
The Bank is a pioneer in the area of climate finance, and is currently a market leader in this segment with a complete offer for all its clients.

For more information, please visit www.ca-cib.com

Twitter: https://twitter.com/ca_cib
LinkedIn: https://www.linkedin.com/company/credit-agricole-cib/

Working every day in the interest of society, our Group is committed to diversity and inclusion. To find out more on our Diversity Policy, click here: https://www.credit-agricole.com/en/pdfPreview/198689

Reference 2024-85999

Publication date 13/02/2024

Job description

Business type

Types of Jobs - IT, Digital et Data

Job title

Head of Section, IT Security Services (Ref 58149)

Contract type

Permanent Contract

Management position

Yes

Job summary

Detailed Job Responsibilities
The Manager has a wide spectrum of responsibilities and actions.

As the manager of his/her team, he/she:

• assigns the tasks and manages delegation,
• sets and reviews the work organization according to activity\'s requirements and people\'s needs and validates the schedules,
• animates the team to encourage collaboration and sharing of practices,
• has a role in supporting people development,
• participates to recruitment process for the team,
• Vendor relation management

As the manager of his/her team, he/she:

• Meets stakeholders on a regular basis to discuss improvement plans, action plans, evolving threats and changing risks, and provide feedback on policies, standards, procedures, guidelines. ISS leads security for GIT and is the main entry point for internal clients outside of GIT (Business Lines, BCP, LGL, and Compliance for security topics).
• The service includes, but is not limited to, incident management (fault investigation, resolution escalations of all monitoring alerts and user initiated problem calls/tickets) and request management, but also global projects like End of Life, New Builds, migrations and upgrades etc., participation in global Infra events (like Power down and DR Tests)
• ensures activity is performed in compliance with norms, standards, processes and procedures,
• gathering required evidence using multiple forensic tools to investigate any data leak incident, conducting interrogation if required, case closure and reporting,
• Reporting and auditing
• monitors operational KPI and ensure tickets are closed within SLA,
• ensures documentation is up to date and relevant for use,
• implements cross-functions activities including continuous improvement initiatives,
• estimates the yearly budget, sets monthly forecasts and follows up BAU/Project monthly balance.

As an experienced professional in Security domain, he/she:

• supports his/her team or experts\' diagnosis when technical issues raise in his/her scope of expertise,
• is aware of the global IT structure so that he/she anticipates interrelationships within the organization,
• manage L0/L1/L2/L3 activities which involve direct relationships with end users and L3 activities (architecture, design, project management, etc.)
• provide oversight to all Data Security activities to ensure adequate performance, efficiency, and availability,
• engage with technical peer, Service managers, Architect and project teams on technology roadmap and projects, especially with GIT architecture security team.
• ensures the IT Production activities regarding his/her perimeter are performed correctly by the team, complying with defined norms, standards, processes and procedures,
• has to make sure that the defined KPI is met on a day-to-day basis for Incident, request, problem, change management etc.

Supplementary Information

As the first point of contact for the Service Provider, he/she:

• manages the daily relationship with the Service Provider and escalates when needed,
• follows up Provider KPI and related actions,
• coach and develop partner resources to meet the objectives,

As the first point of contact for internal Clients, he/she:

• manages the daily relationship with internal Clients including planning, requests clarification, risks mitigation and service quality
• prepares client feedback for the monthly review.
• serve as point of escalation on major incidents
• have to maintain a smooth relation with partners, vendors and global clients/teams

Work Schedule

• Work Timing is flexible and is scheduled to manage the operations within business hours of Asia and Emea timezone.
• Role may have to attend and lead any critical issues escalated outside of working hours, when operational needs.

Position location

Geographical area

Asia, Singapore

City

Singapour

Candidate criteria

Minimal education level

Bachelor Degree / BSc Degree or equivalent

Academic qualification / Speciality

Bachelor in relevant specialties

Level of minimal experience

11 years and more

Experience

• Min 12 years of IT Security experience and with 5-6 years of team management experience.
• Must be a bachelors/masters/engineering graduate or equivalent technical degree in Information Technology or Computer Science;
• Must have knowledge of different domains of IT Security;
• Must have managed a team size of 8 or more Security Specialists in an enterprise level environment;
• Must have prior hands-on experience in managing the IT Security Solutions;
• Must have experience in working in Production setup in Run (Operations) mode;
• Must have working experience in managing the endpoint and data security solutions for a Large enterprise level environment, working experience in financial organization is preferred;
• Ability to apply risk based approach while working on assigned responsibilities;
• Experience in defining, implementing, and enforcing enterprise-level IT security policies for endpoint and data security solutions;
• Excellent in analytical, communication and documentation skills;
• Ability to organize work and be able to priories work as per the needs of Production Operation\'s needs;
• Must have strong understanding of ITIL processes and comfortable working in process oriented environment;
• Should have hands-on technical exposure on wide spectrum of endpoint and data security technologies e.g. Symantec Data Loss Prevention (DLP), Symantec Endpoint Protection, Phishing Prevention and other IT Security technologies;

Cr\xc3\xa9dit Agricole