Information Security Analyst

  • Competitive
  • Singapour, Singapore Singapour Singapore SG
  • Intérim, Plein-temps
  • Allegis Global Solutions
  • 12 juin 18 2018-06-12

The candidate will be part of the Office of the Chief Information Security Officer for Corporate and Institutions (C&I) team reporting to the Head of Information Security, C&I. The main purpose of the role will be to act as 2nd line support to key senior business stakeholders within the C&I function.

The candidate will support the team with:

  • Acting as 2nd line support to key senior business stakeholders within the C&I function.
  • Performing Information Security related risk assessments in C&I business assets, processes & projects.
  • Make recommendations to improve the information security status within C&I
  • Be the Information Security specialist within the defined C&I functions (Channels, Financial Markets, Client Coverage) by understanding applications, products, organisation and business process.
  • Remain vigilant to Information Security threats that may impact the function.
  • Maintain oversight of Information Security projects and initiatives for the function.
  • Input intelligence and analysis into reports for the group CISO, C&I ISO.
  • Partner with Operational Risk Teams during joint process review exercises.
  • Build relationships and maintain coverage and regular communications within the function and Technology teams.

Requirements:

 

  • Bachelor Degree / Diploma in Engineering, Computer Science/Information Technology 
  • Experience in Information security in Banking and Financial services
  • Strong knowledge of security frameworks, information security principles, architecture, security frameworks and cryptography required
  • Knowledge of Wholesale / Investment banking, related products and operations a plus
  • Exposure or hands-on experience in either Infrastructure or web application penetration testing and vulnerability assessments required
  • Ability to articulate residual risk with specific ability to clearly, concisely and accurately communicate complex technology and process risk to non-technical stakeholders
  • Certifications will be a plus e.g. CRISC, CISM, CISA etc.
  • Technical security certifications will be a plus e.g. SANS GPEN, CISSP, CCNP Security