Cyber threat investigation specialist

Position Purpose

APAC Production Security teams are responsible for multiple IT Security activities for BNP Paribas in Asia Pacific region, such as:

1. IT Production Security Governance, PMO & Risks
2. Network Security and Security Design & Architecture
3. Vulnerability & Compliance Management 
4. IAM Production
5. Production CSIRT, Detection & SIEM Engineering
6. Production support of the Security platforms

Team is looking for Cybersecurity expert/SME in Detection Engineering & Security Investigation areas, part of Production SOC & Security Investigation & Incident Response team.

Your role will be to:

1. Strengthen the detection capabilities in APAC and be member of the Global Use Case development team for a worldwide alignment of the security use cases.
2. Contribute to the enhancement of SIEM and SOAR capabilities,
3. Act as reference point in team of experts on Security Incident Response activities, Anti-Malware/Defense activities and Security Detection activities,
4. Oversee the detection capabilities for the 24/7 regional IT Production SOC which handles the IT Production security alerts for the APAC region,
5. Participate to the global continuous improvement of the framework of tools and processes for Security Incident Management, Anti-Malware/Defense and Security Detection,
6. Collaborate with the APAC Business CSIRT, accountable for the Security Incident practice in APAC, to strengthen the extended security monitoring setup between Business Information Security and IT Production Security.

Key Responsibilities

Direct Responsibilities

• Lead technical activities (security usecase definition, design, implementation & enrichment) in the team of IT Production Security Investigation & Incident Response based on real-world attack scenarios and framework like MITRE ATT&CK, ensuring robust security detection posture across various layers.
   Understand ongoing security threats in the wild and propose security usecase to detect and when possible, protect or mitigate.
   Lead technical activities (definition, R&D/threat hunting) in the team of IT Production Security Investigation & Incident Response and oversee the detection capabilities of the 24/7 regional IT Production SOC
• Respond to Cyber / IT security incidents and evaluates the type and severity of security events.
• Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.
• Partner with global, regional and local stakeholders to ensure organizational and procedural efficiency and readiness for detection of suspicious events and reaction
• Continuously improve the processes to strengthen the current SOC framework via review of policies and operational playbooks

Contributing Responsibilities

• Partner with the APAC Business CSIRT for integrated security monitoring and alert/incident handling operations.
   Contribute to local security incident response outside the direct scope of responsibilities (i.e., local IT production in some APAC business entities)
   Contribute to the Bank compliance with regulatory requirements and internal policies
   Contribute to the reporting of all incidents according to the Incident Management System
   Contribute to the control frameworks in day‐to‐day business activities, such as Control Plan; Participate to Audit interview and provide the require evidence

Role Specific Technical Skills

• Requires a minimum of 7 or more years of experience as security professional
   Experience in security usecase design/development with understanding of Java language. 
   Good working knowledge of Linux (RedHat/Ubuntu).
   Working knowledge to interpret security logs or instructions into threat models. SecOPS-DevOPS mindset & skills.
   Experience and knowledge in investigating incidents, remediation, tracking and follow-up for incident closure with concerned teams, stakeholders.
   Thorough understanding of technologies and security concepts, with knowledge & hands on experience in SIEM Product and Security Incident Management
   Experience of performing security monitoring and incident response activities in an advanced Security Operation Centers (SOC) environment (log analysis, event analysis, incident investigation, reporting)
   Comfortable working with and making the most of large data sets (collection, analysis, response), creating content/use cases/models and bringing an automation mindset.

Personal Attributes

• Strong problem-solving skills
   Good communication skills
• Positive attitude, willing to upskill and carry out in-depth troubleshooting
• Has the ability to work autonomously and think on feet, be-proactive.
• Good interpersonal skills and team player
• High energy level coupled with a desire to take on responsibility
• Able to multi-task & deliver within agreed deadlines.

Specific Qualifications

• Candidate MUST have 7 or more years of experience on overall cybersecurity incident response with 4+ years specifically on security usecase design, development, coding.
• Experience in SIEM on ELK(Elastic Logstash Kibana) stack is a plus
• Professional credentials in one of the relevant IT Security disciplines is a plus (SANS / CISSP / OSCP)
   Experience in common scripting languages such as Python, PowerShell, Bash, SQL is a plus

About BNP PARIBAS

As the leading European Union bank, and one of the world’s largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance. 

We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued and encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity, religion applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo.

• BNP Paribas PRIDE is highly active in favour of the LGBTQIA+ community

• BNP Paribas MixCity which fosters better representation of women at all levels of the organization

• Ability, the mutual aid network for employees with a disability or a disabling or chronic illness

• BNP Paribas CulturAll which celebrates diverse backgrounds

BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions.

https://careers.apac.bnpparibas/

More information 

BNP Paribas - Diversity & Inclusion Journey

BNP Paribas - The Bank Of Green Changes

Award Obtained

BNPP has won Top employer Europe award in a 10th consecutive year