Business Information Security Staff

What You Will Do

Governance, Strategy and Planning:

• Prepare and facilitate the Local Security Steering Committee.
• Produce management metrics for the purpose of control and decision making.
• Provide recommendations to Management to increase security effectiveness of organization and technology solutions. 

IT & Risk Management:

• Implement in Seoul Branch the policies and solutions defined by Regional IT Security organization.
• Ensure immediate and accurate reporting of any Seoul Branch IT Security related incident (intrusion, virus, etc.) to the regional & global IT Security and Incident Management processes.
• Maintain an IT Security Awareness training program towards all local employees.
• Owner of the local Access Control tool, and as such, in charge of its correct operation.
• In charge of the timely & accurate reporting to Global IT Security/2OPC of the Information Security Control Plan as defined per the Global IS Control Plan instructions.
• Perform regular security risk assessment for all local Applications and ensure per BNPP Application Security Policy. 

Controls & Procedures:

• Ensure that work is conducted adhering to compliance (including firewall), data protection (customer & personal data) and other regulatory requirements.
• Minimize operational risks and risks of fraud by implementing regular and sufficient controls related to his position.
• Escalate to his management and/or Operational Risks & Permanent Control any issues identified. 

Business Continuity Management:

• Build adequate capabilities to provide BCM expertise, support, and assistance to Korea business.
• Coordinate with IT regional platforms to ensure that Disaster Recovery Planning program are aligned with business continuity objectives.
• Assist as appropriate in responding to BCP related incidents/crises.
• Follow up and monitor resolution of BCM-related audit, General inspection or regulators open recommendations.
• Collect, challenge and consolidate scorecards to report main vulnerabilities and key risk indicators to management.
• Contribute to building management buy-in in Korea. 

Contributing Responsibilities:

• To actively coordinate and cooperate with other IT and IT Security teams (local, global and regional) to ensure best IT Security practices and deliveries and a smooth interaction.
• To work closely with Global/Regional IT Security Coordination team to follow-up on strategic projects and security issues.
• A close cooperation with Métiers IT Teams is expected in order to ensure enforcement of IT Security rules at each Métier levels.
• To represent Seoul Branch IT Security in internal and external audits, and in liaison with regulatory and market bodies.
• To contribute to IT Security quality and process improvement generally.
• Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan.
• Comply with regulatory requirements and internal guidelines.
• Contribute to the reporting of all incidents according to the Incident Management System. 

Required Skills and Abilities

• Bachelor Degree or equivalent.
• At least 2 years of experience.
• High Korean Proficiency.
• Takes initiative and is results driven.
• Strong decision making and analytical skills.
• Ability to manage change and complexity with confidence.
• Strong team player.
• Client focused and commercial thinking.
• Excellent interpersonal and communication skills.
• Self-motivated and genuine interest in Banking and Finance.
• Proficiency in Microsoft office (MS Word, Excel & Power point).
• Prior related internship within the banking industry is an advantage.