Regional Chief Information Security Officer (CISO)

Permanent contract|Hong Kong|IT (Information Technology)

Regional Chief Information Security Officer (CISO)

Hong Kong, Hong Kong Permanent contract IT (Information Technology)

Responsibilities

Based in Hong Kong, the Chief Information Security Officer (CISO) is responsible of the Cybersecurity Risk for Asia region. The CISO is responsible to coordinate regionally on the application of group cyber security policies and standards. The CISO is responsible for implementing, enhancing and overseeing the information security framework. The CISO directly manages a core team of security professionals responsible for managing operational activities, regulatory matters as well as coordinating the execution of information security program.

Main Responsibilities

Management of Data and Cyber Security team and oversight on infrastructure security for Asia region
Definition and implementation of the regional Cyber Security governance with regional stakeholders (up to regional executive management) and in alignment with global governance
Definition of the Asia Cyber Security strategy and framework
Implementation of the regional Cyber Security program aiming to reinforce prevention and protection capabilities as well as defining and testing reaction capabilities in case of Cyber Security incident
Support Business Units and Service Units in their transformation providing adequate guidance on Cyber Security subjects
Be a subject matter expert on subjects alike Identity and Access Management, Application Security, Outsourcing Security, Cloud security, Data protection and Incident management
Deliver relevant awareness and training adapted to the current threat landscape and the user population
Maintain and continuously improve the bank's cyber defense capabilities through operational monitoring of anomalies and incident management
Monitor Cyber Security regulatory landscape (16+ active regulatory bodies in the region), coordinate gap analysis and follow-up remediation plans

Profile required

ACADEMIC BACKGROUND AND CERTIFICATIONS, EXPERIENCE

Bachelor Degree in Information Technology or equivalent
Professional qualification such as CISM, CISSP, ISO 27001
Experienced Security Expert with 10+ years of relevant experience

OPERATIONAL SKILLS

Strong understanding of IT infrastructure and IT applicative framework architectures
Strong background of Data & Cyber Security
Good understanding of application vulnerabilities and common exploits
Excellent English verbal and written communication skills, experience of influencing at senior organizational levels, up to and including MD level
Client oriented mindset, results driven, proactive and quick to react to requests
Innovative and bringing new ideas to improve processes.

BEHAVIORAL SKILLS

Client - Risk: I strive to satisfy clients/internal partners while taking into account risks for the company
Commitment - Inspiration: I communicate a clear vision and strategy
Responsibility - Courage: I express my convictions and make decisions with courage
Responsibility - Risk awareness: I am constantly on the lookout for risks
Commitment - Exemplarity: I embody the Group’s values
Innovation - Simplification: I make things & ideas simple

Business insight

Company Description
Societe Generale is one of the leading European financial services groups. Founded in 1864, we have been playing a vital role in the economy for over 150 years. With more than 148,000 employees based in 76 countries worldwide, we accompany 32 million clients throughout the world on a daily basis. Based on a diversified universal banking model, the Group combines financial strength with a strategy of sustainable growth.

ASIA-PACIFIC (ASIA), as one of the Business Units of Societe Generale, operates in 12 locations across the Asia Pacific region, employing over 2,500 employees with the regional headquarter located in Hong Kong. Our activities here are centered on Societe Generale's Global Banking & Investor Solutions pole (GBIS), a major growth engine for the Group and a key pillar of Societe Generale's universal banking model. Our expertise in Asia Pacific ranges from Corporate & Investment Banking (Advisory, Financing and Global Markets) to Asset Management, Global Transaction Banking and specialised financial services like Equipment & Vendor Finance and Vehicle Leasing & Fleet Management. In addition, Societe Generale's Global Solution Centre (SGGSC) in Bangalore and Chennai offers customised business solutions to the Societe Generale Group globally including ASIA

Department Description
Reporting within the Global Business Service Unit (GBSU) to the IT Risk And Production Management (RPM) department, the Data & Cybersecurity (DCS) team is responsible for securing and steering Information Security and Cybersecurity related risks falling under Global Banking & Investor Solutions' (GBIS) remit. The team is based in Hong Kong and has transversal oversight on Asia Pacific.