Regional Cyber Incident Response and Threat Intel Officer

RESPONSIBILITIES
Part of GBSU (Global Business Service Unit), the candidate will join the DCS team in charge of Data and Cyber Security aligned to regional Société Générale GBIS (Global Banking and Investors Solutions) Business Unit. This role acts as a subject matter expert, main coordinator and point of contact on Cyber Incident Response, Cyber Crisis Management, Cyber Surveillance, Threat intelligence, E-fraud and Data Protection in the regional team. Furthermore the role will support IT project assessments.The candidate will be required to:

• Develop, implement and maintain the regional cyber incident response plans, procedures and related documentation in alignment with global standards.
• Develop and maintain a relationship with the threat intelligence community in Asia financial services, including regulators, industry peers, law enforcement agencies, and other relevant stakeholders.
• Collect, analyse, and disseminate threat intelligence from various sources, such as open source, commercial, and internal data, to identify and assess cyber threat and risks affecting our organisation and customers in the Asia region.
• Provide timely and actionable intelligence to SG CERT and the regional CISO, as well as other relevant teams and stakeholders, to enable informed decision-making and proactive security measures.
• Use treat intelligence to streamline playbooks and incident response standard operative procedures, and to enhance the detection, prevention, and mitigation of cyberattacks.
• Conduct research and producing reports, briefing and presentation on cyber threat trends, actors, tactics, techniques, and procedures (TTPs)
• Conduct regular reviews and audits of the cyber incident response process, identifying gaps and areas of improvement
• Plan, execute and support desk based testing scenarios to simulate cyber incidents and test the effectiveness of the response plan and procedures
• Support risk assessment and architecture reviews by conducting threat analysis and modelling, identifying potential attack vectors and mitigation strategies
• Respond to and manage cyber incidents and crises, in coordination with central threat intelligence and cyber incident response functions, involving internal and external stakeholders as appropriate
• Investigate, mitigate the impact, and manage the process related to data leakages and data breaches, and ensure compliance with the regulatory and legal requirements and standards for cybersecurity and data protection in the region
• Provide timely and accurate communication and reporting on the status, impact and resolution of cyber incidents and crises
• Conduct post-incident reviews, root cause analysis and lesson learned from cyber incidents and crises, and providing recommendations and feedback to improve the security posture and resilience of the organisation.
  

PROFILE REQUIRED
Required Qualifications:
ACADEMIC BACKGROUND AND CERTIFICATIONS, EXPERIENCE

• Bachelor Degree in Information Technology or equivalent
• At least 8-10 years of experience in cyber threat intelligence, cyber incident response and cyber crisis management, preferably in the financial services sector
• Professional certification in cyber threat intelligence and cyber incident response, such as Cyber Threat
• Intelligence Analyst (CTIA), Certified Incident Handler (GCIH), Certified Computer Security Incident Handler (CSIH), Certified Network Defender (CND), Certified Forensic Computer Analyst, GIAC Penetration Tester, CompTIA PenTest+, Certified Ethical Hacker

OPERATIONAL SKILLSKey Skill Areas & Knowledge Required

• Knowledge and understanding of the cyber threat landscape and the cyber threat intelligence lifecycle, as well as the tools, methods, and frameworks for cyber threat intelligence collection, analysis and dissemination
• Familiarity with the cyber threat actors, TTPs, and challenges specific to the Asia region, as well as the regulatory and legal requirements and standards for cybersecurity and data protection in the region
• Proficiency in English and preferably another Asian language
• Excellent communication, collaboration, and analytical skills, as well as the ability to work independently and under pressure
• Knowledge of incident response best practices and procedures
• Experience in digital forensic and malware analysis
• Scripting skills in languages ,like Python and PowerShell
• Ability to write comprehensive and easy to understand incident reports destined to management, 2nd line and 3rd line of defence as well as regulatory bodies.

BEHAVIORAL SKILLS

Client - Risk: I strive to satisfy clients while taking into account risks for the company
Team Spirit - Collective mindset: I favour the team’s interest over my own results
Responsibility - Risk awareness: I am constantly on the lookout for risks
Responsibility - Performance: I strive for high performance
Team Spirit - Open mindset: I listen and share my views and my expertise in an open mode
Innovation - Thinking out of the box/Creativity: I propose new ideas and solutions

Company Description:

Societe Generale is one of the leading European financial services groups. Founded in 1864, we have been playing a vital role in the economy for over 150 years. With more than 148,000 employees based in 76 countries worldwide, we accompany 32 million clients throughout the world on a daily basis. Based on a diversified universal banking model, the Group combines financial strength with a strategy of sustainable growth.ASIA-PACIFIC (ASIA), as one of the Business Units of Societe Generale, operates in 12 locations across the Asia Pacific region, employing over 2,500 employees with the regional headquarter located in Hong Kong. Our activities here are centered on Societe Generale's Global Banking & Investor Solutions pole (GBIS), a major growth engine for the Group and a key pillar of Societe Generale's universal banking model. Our expertise in Asia Pacific ranges from Corporate & Investment Banking (Advisory, Financing and Global Markets) to Asset Management, Global Transaction Banking and specialised financial services like Equipment & Vendor Finance and Vehicle Leasing & Fleet Management. In addition, Societe Generale's Global Solution Centre (SGGSC) in Bangalore and Chennai offers customised business solutions to the Societe Generale Group globally including ASIA.

Department Description:
Reporting to the Global Business Service Unit (GBSU), the Data & Cybersecurity (DCS) is responsible for securing and steering Information Security and Cybersecurity related risks falling under Global Banking & Investor Solutions' (GBIS) remit. The team is based in Hong Kong and has transversal oversight on Asia Pacific.