Information Security Expert - Information Technology Hong Kong Information Security Expert - Information  …

à Hong Kong, Hong Kong, Hong Kong
CDI, Plein-temps
Dernière candidature, 23 mai 20
à Hong Kong, Hong Kong, Hong Kong
CDI, Plein-temps
Dernière candidature, 23 mai 20
Information Security Expert - Information Technology Hong Kong


"Application and project risks:

- Manage evaluation of application security and provide advice on how to mitigate weaknesses
- Perform vulnerability management, including following-up on remediation actions from vulnerability scans and penetration tests
- Conduct risk assessments on new applications, infrastructure and projects to prevent and mitigate information security risks

Operational security:

- Perform day-to-day review and approval of exceptional access rights from the business
- Perform and implement ongoing controls to mitigate cybersecurity risk for the bank
- Implement and enhance security to adapt to continuous delivery and Agile@Scale
- Assist in producing key risk indicators (KRIs) for senior management

Third party risks:

- Perform information security reviews on projects that require outsourcing, including review of the vendor's security capability and risk of data leakage

Remediation and awareness:

- Participate in remediation of weakness identified by the bank or regulators
- Assist in responding to and triaging cybersecurity and data leakage incidents
- Deliver trainings to business partners to reinforce information security awareness

Participation in committees:

- Participate in regional and global governance meetings and normative committees where required
- Provide updates within the team and liaise regularly with other teams in Asia, including technology, operational risk managers, risk management and business continuity management"

Profile Required


Bachelor Degree in Information Technology or equivalent
Professional qualification such as ITIL, CISM, CISSP
Experienced Security Expert with 5-8 years of relevant experience"


- Strong understanding of IT infrastructure and IT applicative framework architectures
- Strong background of Information and Computer Security
- Good understanding of application vulnerabilities and common exploits
- Excellent English verbal and written communication skills, experience of influencing at senior organizational levels, up to and including MD level
- Client oriented mindset, results driven, proactive and quick to react to requests
- Innovative and bringing new ideas to improve processes."

Business Insight

Company Description:

"Societe Generale is one of the leading European financial services groups. Founded in 1864, we have been playing a vital role in the economy for over 150 years. With more than 148,000 employees based in 76 countries worldwide, we accompany 32 million clients throughout the world on a daily basis. Based on a diversified universal banking model, the Group combines financial strength with a strategy of sustainable growth.

Our expertise in the Asia Pacific region ranges from Corporate & Investment Banking (Advisory, Financing and Global Markets) to Asset Management, Securities Services, Trade Finance and Cash Management Services. Leveraging on our formidable global footprint, we serve corporates, financial institutions and the public sector. With our regional headquarters in Hong Kong, we operate in 11 countries across Asia Pacific, employing over 6,600 employees. You can find us in Beijing, Seoul, Tokyo, Singapore, Mumbai, Sydney and other locations in the region.

At Societe Generale we have developed - and continue to develop - advanced programmes to support your career development. A diverse and comprehensive Learning & Development programme, a Junior programme for graduates and a Remuneration policy that stimulates your growth are just a few examples that illustrate how we help you to fulfill yourself personally and professionally, and how we develop your ability to adapt to ever-changing environments and transform challenges into opportunities."

Department Description:

Reporting to the Global Business Service Unit (GBSU), the Data & Cybersecurity (DCS) is responsible for securing and steering Information Security and Cybersecurity related risks falling under Global Banking & Investor Solutions' (GBIS) remit. The team is based in Hong Kong and has transversal oversight on Asia Pacific.

We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, sexual or gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.

Job code: 19000YV2

Business unit: Societe Generale Hong Kong Branch

Starting date: Immediate

Date of publication: 18/02/2020


Share on