Cyber Security Risk Manager

General information

Entity

About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)

Crédit Agricole CIB is the corporate and investment banking arm of Crédit Agricole Group, the 10th largest banking group worldwide in terms of balance sheet size (The Banker, July 2022).
8,600 employees in more than 30 countries across Europe, the Americas, Asia-Pacific, the Middle-East and North Africa, support the Bank's clients, meeting their financial needs throughout the world.
Crédit Agricole CIB offers its large corporate and institutional clients a range of products and services in capital market activities, investment banking, structured finance, commercial banking and international trade.
The Bank is a pioneer in the area of climate finance, and is currently a market leader in this segment with a complete offer for all its clients.


For more information, please visit www.ca-cib.com

Twitter: https://twitter.com/ca_cib
LinkedIn: https://www.linkedin.com/company/credit-agricole-cib/

By working every day in the interest of society, we are a group committed to diversity and inclusion. All our positions are open to people with disabilities.   

Reference

2025-96747  

Update date

12/02/2025

Job description

Business type

Types of Jobs - IT, Digital et Data

Job title

Cyber Security Risk Manager

Contract type

Permanent Contract

Job summary

Position

 

We are looking for a “Cybersecurity Risk Manager” with expertise in Enterprise Cyber Risk Assessment and Cyber security controls.

You will report to the Singapore Chief Information Security Officer, who is also the Head of Information System Security (ISS) for APAC-ME

This role will focus on the Enterprise Cybersecurity Risk Assessment, ISS (Information Systems Security) controls, reporting and Project Management Office (PMO) & Regulatory tasks for ISS Department. In coordination with Paris, you will be in charge to conduct and maintain the yearly Enterprise Cybersecurity Risk Assessment for Singapore and coordinate this assessment on Asia and Middle East region.

This role requires deep understanding and experience in cybersecurity risk management, security KPI, project management and Cyber security best practices like network/architecture security, Security Operation Center (SOC)/ Security information and event management (SIEM) topics and vulnerability management and monitoring, etc.

You will work with the Credit Agricole CIB security community in ASIA but also with our other entities in the world, especially the Hubs in Paris, New-York, London.

 

 

 

Main Responsibilities

 

1.    Enterprise Cybersecurity Risk Assessment

In coordination with Paris, NY, London work on a common Enterprise Cybersecurity Risk Assessment methodology
Identify cyber security risks and determine the most critical assets for the Branch with heads of business departments.
Conduct the yearly Enterprise Cybersecurity Risk Assessment for Singapore and coordinate this assessment on Asia and Middle East region region.
Help Singapore Entity to identify and prioritize areas for improvement in their cybersecurity program.
Protect the security of our information systems and data by setting policies, monitoring compliance and following defined procedures to identify, assess and manage risks from external and internal threats.
understand the legal and regulatory environment within which the business operates. Ensure that Information Security Governance arrangements are appropriate.
 

2.    Controls

In coordination with Paris, NY, London work on a common Cybersecurity control framework and KPI set.
Maintain these KPI and ensure that all cybersecurity controls are conducted and recorded in the dedicated tool.
 

 

3.    Project Management Office (PMO) & Regulatory

Help the CISO to manage and coordinate all Cybersecurity Projects.
With the CISO, coordinate for APAC-ME region the answers for all recommendations from regulators or other auditors like Internal audit, financial audit, etc.
 

 

4.    Collaboration and Support

Work closely with the CISO team, with ISS network worldwide, with IT Department and all Business Lines Departments.
 

 

Position location

Geographical area

Asia, Singapore

City

Singapour

Candidate criteria

Minimal education level

Bachelor Degree / BSc Degree or equivalent

Academic qualification / Speciality

Education

Bachelor’s Degree in Computer Science, Information Technology or equivalent.
Minimum of 10 years of experience in Information Security and Enterprise Cybersecurity Risk Assessment.
Knowledge of methodologies like CRI (Cyber Risk Methodology) is desirable
Professional Certifications: CRISC, SANS, CISSP, CISM, CISA, Cloud or equivalent (preferred).
Experience in the financial services sector is highly desirable, with a strong understanding of the banking regulatory environment.

Level of minimal experience

11 years and more

Experience

Requirements

·         Minimum of 10 years of experience in cybersecurity, with a focus on Enterprise Cybersecurity Risk Assessment/Management. Experience in the financial services sector is highly desirable, with a strong understanding of the banking regulatory environment.

Technical Skills

·         Technical proficiency in one or more of the following security areas: Identity Access Management, Privileged Access Management, network security engineering, zero trust, Internet of Things, cryptography etc.

·         Strong understanding of SIEM, network security, incident response, and threat detection tools.

 

Soft Skills

·         Analytical mindset with the ability to identify complex security challenges and devise effective solutions.

·         Effective written and communication skills, capable of engaging both technical and non-technical stakeholders in a clear and concise manner.

·         Meticulous, with a proactive approach to identifying and mitigating potential security risks.

·         Ability to work independently as well as part of a collaborative, cross-functional team.