Cyber Security Forensic & Incident Response Officer
- Standard / Permanent
- HK-Hong Kong (HK)-Hong Kong
- INFORMATION TECHNOLOGY
The role carries out the cyber incident handling process by coordinating and supporting the cybersecurity incident response process. This entails analyzing and resolving cyber security events and incidents that are reported by end users or observed through proactive network and system monitoring, for all the business entities in BNPP Asia Pacific. The successful candidate will be able to demonstrate a significant understanding of cyber security and the capability to think outside the box, and will have sound, demonstrated experience in large organizations in the financial industry.
- Review, analyze and resolve difficult and complex information security incidents.
- Maintain a set of CSIRT operation playbooks to effectively trigger and execute the security incident response process.
- Perform deep dive analysis of malicious artifacts.
- Take responsibility for successful execution of incident response plan.
- Identify and recommend process improvements.
- Work with the Security Monitoring Center analysts on incident response tickets and manage / prioritize queue assignments.
- Perform threat management and protection against threats including malware, phishing, hacking, DDoS, intrusion, impersonation, cyber-squatting.
- Provide security control enhancement recommendations based on security incident data.
- Analyze large and unstructured data sets to identify trends and anomalies indicative of malicious activities.
- Respond to critical security incidents and lead escalation teams to close with response, containment and remediation.
- Plan, execute and participate in Security Incident Response tabletop exercises.
- Maintain situational awareness of the current threat landscape and the techniques, tactics and procedures associated with specific threats.
- Perform investigations and make recommendations to identify gaps from incidents or events.
- Manage projects related to cyber security investigation and forensic examination.
- Conduct analysis related to forensic investigations, cybercrimes, and/or cyberattacks from internal and external threat actors.
- Perform digital forensics investigations and obtain the necessary evidence so that it is court-admissible.
- Co-ordinate and liaise with global, regional and local incident response teams.
- Co-ordinate with various internal security teams for incident response.
- Advise and assist Security Monitoring Centre to sharpen their playbook and procedures.
- Assist with routine compliance and audit functions to ensure requirements are satisfied.
- Stay current on security industry trends, mitigation techniques, security technologies and new and evolving threats to the organization by attending conferences, networking with peers and other education opportunities.
Technical & Behavioral Competencies
- Cyber security experience in handling events or alerts
- Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.
- Ability to collaborate and communicate effectively and respectfully with both business-oriented executives and technology-oriented personnel in teams across the organization.
- Computer forensics experience with digital forensic tools: EnCase, X-Ways, Cellebrite, Oxygen
- Investigation mindset and skill required.
Specific Qualifications (if required)
- Bachelor’s degree in Computer Science, Information Assurance, or a related degree or equivalent experience.
- At least 2 years of relevant working experience
- Holder of Information Security and Digital Forensics Certificate (i.e. CISSP, CISM, CISA, CEH, GIAC, CCME, EnCase) preferred
About BNP PARIBAS
As the leading European Union bank, and one of the world’s largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance.
We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued. We encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity and religion, and applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo.
• BNP Paribas PRIDE is highly active in favour of the LGBTQIA+ community
• BNP Paribas MixCity which fosters better representation of women at all levels of the organization
• Ability, the mutual aid network for employees with a disability or a disabling or chronic illness
• BNP Paribas CulturAll which celebrates diverse backgrounds
BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions.
BNPP has won the Top Employer Europe award for the 10th consecutive year.