Share this Job

Information Senior Specialist 1 1

Date: Nov 23, 2021

Location: Hong Kong, CN

Company: Intesa Sanpaolo Group

Intesa Sanpaolo is the banking group leader in Italy. Assisting more than 14,6 milion of retail customers through a network of 5360 branches, it significantly supports the development of Companies and gives an important sustain to the country's growth. The Group has a selected retail banking presence in Central and Eastern Europe, the Middle East and North Africa, with approximately 1,000 branches and 7.2 million customers in 12 countries. Intesa Sanpaolo is also present in 25 countries in support of its corporate customers’ cross-border business. It is looking for new qualify profiles who want to face demanding and challenging career path with the following requirements:

Scope and Purpose

 

Operates in close cooperation with local Information Security Officer and with Head Office, in order to direct the planning, development, implementation and monitoring of security for enterprise information systems. Support the definition of the Information Security and Cybersecurity objectives for the Information Security Program and monitors compliance with such objectives. Develops and implements security training and awareness programs to educate employees about information security and cybersecurity solutions and requirements. Is responsible to support the local ISO to: • Oversight the state of information security and cybersecurity for the Branch, • Provide periodic reports at least quarterly on the state of information security to the Board of Directors/Top management • Adopt, implement and update Cybersecurity policies, rules, processes and procedures in line with Head Office regulatory Framework. • In reporting to the Top management, considers to the extent applicable the confidentiality of Nonpublic Information and the integrity and security of Information Systems, the cybersecurity policies and procedures, the material cyber risks, the overall effectiveness of information security and cybersecurity program and possible material cybersecurity events involving the Branch • Work strategically with Head Office to ensure that all aspects of information security and cybersecurity are properly monitored and that security projects and tasks are properly coordinated • Perform continuous monitoring of Information Security and Cybersecurity programs to ensure compliance with objectives, policies and procedures • Identify and evaluate changes in local regulations, as well as trends in the Information Security and Cybersecurity marketplace, such as new products, new attacks and new countermeasures for applicability inside the Legal Entity's environment • In cooperation with Head Office develop, disseminate, and maintain Information Security and Cybersecurity objectives that define baseline policies regarding Information Security at the Legal Entity • Ensure the local execution of Business Continuity activities, including periodical Business Impact Analysis, tests and reporting, in line with Group model. • Work with information owners in business units to determine appropriate security objectives for securable resources • Monitor network activity for malicious activity • Monitor and evaluates vulnerability reports, vendor hot-fixes, and vendor patches for applicability to deployed technologies • Monitor the process of creating, changing, or removing user access across all systems • Monitor the access control program. Ensure that all appropriate documentation pertaining to the recording of account creations, deletions, and permissions are correctly maintained and approved • Monitor that all user passwords adhere to the password requirements • Implement the Information Security Training Program 

Required Experience

 

• Minimum 7 years in the cybersecurity and business continuity management environment, preferably in a Financial Institution • Experience in technology and application development that transitioned in a leading application and information security role • Experience in developing and delivering Information Security and Cybersecurity awareness programs 

Required skills, qualifications and knowledge

 

• Bachelor's in Computer Science, Information Technology or related field • Master's degree a plus • CISSP / CISM certification preferable • Must display subject matter experience in application security, vulnerability testing and system testing • Solid background in assuring high level of Information Security management and Business Continuity management in an organization • I.T./Info/Cyber Security risk management experience and direct participation in related risk management processes, including application risk classification and application control assessments • Knowledge of financial industry products and related IT platform, a plus • Strong communication skills • Attitudes: Goal oriented, Problem Solving, Teamworking, proactiveness 

 

Everyone is an asset for our Group and that person could be you! Check out our job opportunities, apply and join our team!