Information Security Analyst
- Singapur, Singapore Singapur Singapore SG
- Befristete Anstellung, Vollzeit
- Allegis Global Solutions
- 12 Jun 18 2018-06-12
The candidate will be part of the Office of the Chief Information Security Officer for Corporate and Institutions (C&I) team reporting to the Head of Information Security, C&I. The main purpose of the role will be to act as 2nd line support to key senior business stakeholders within the C&I function.
The candidate will support the team with:
- Acting as 2nd line support to key senior business stakeholders within the C&I function.
- Performing Information Security related risk assessments in C&I business assets, processes & projects.
- Make recommendations to improve the information security status within C&I
- Be the Information Security specialist within the defined C&I functions (Channels, Financial Markets, Client Coverage) by understanding applications, products, organisation and business process.
- Remain vigilant to Information Security threats that may impact the function.
- Maintain oversight of Information Security projects and initiatives for the function.
- Input intelligence and analysis into reports for the group CISO, C&I ISO.
- Partner with Operational Risk Teams during joint process review exercises.
- Build relationships and maintain coverage and regular communications within the function and Technology teams.
- Bachelor Degree / Diploma in Engineering, Computer Science/Information Technology
- Experience in Information security in Banking and Financial services
- Strong knowledge of security frameworks, information security principles, architecture, security frameworks and cryptography required
- Knowledge of Wholesale / Investment banking, related products and operations a plus
- Exposure or hands-on experience in either Infrastructure or web application penetration testing and vulnerability assessments required
- Ability to articulate residual risk with specific ability to clearly, concisely and accurately communicate complex technology and process risk to non-technical stakeholders
- Certifications will be a plus e.g. CRISC, CISM, CISA etc.
- Technical security certifications will be a plus e.g. SANS GPEN, CISSP, CCNP Security