Data Security Specialist

Who we are

Crédit Agricole Corporate and Investment Banking (Crédit Agricole CIB) is the corporate and investment banking arm of Crédit Agricole Group, world's 10th largest bank by total assets.

Our Singapore center is the 2nd largest IT setup (after Paris Head Office) for Crédit Agricole CIB's worldwide business. We work daily with international branches located in 30 markets by:

• Envisioning and preparing the Bank's futures information systems
• Partnering and supporting core banking flagships and transverse areas in their large scale development projects
• Providing premium In-house Banking applications

This unique positioning empowers us to bring our core banking business a sustainable competitive advantage on the market.

We seek innovative and agile people sharing our mindset to support ambitious and forthcoming technological challenges.

Position: Data Security Specialist- Data Security and Endpoint Security

Data Security Specialist is a technical Specialist role within the Data Security Services team and will be responsible for managing, administration and supporting the Data Security and Endpoint Security technologies for the bank.

You will be the technical point of contact for the Run team and the related activities to data security and will be the last level of escalation for the Security specialists in the team. You are also responsible for the technical transition and validation of Security services from other regions to Singapore. You will be involved in projects and POC's that may involve security services. You work with continuous improvement principles. You are equivalent to the Subject Matter Specialist on the technologies within data security.

Data Security Services team in Singapore is responsible for day-to-day operational services on the infrastructure of Europe (mainly France and UK) and Asia remotely from Singapore. France infrastructure represents approximately 80% of the worldwide production activities of CA-CIB in Singapore.

Team works in Europe time zones and this role will be aligned primarily to Paris working hours. Flexible rotations are followed based on the nature of duties.

The operational support of the team covers the following technical scope:

• Endpoint Security technologies – Anti-virus management, Host Intrusion Prevention System etc.
• Data Leak Prevention systems. - Email Prevent, Web Prevent, Endpoint Protect,
• Encryption Solutions: Disk Encryption, File and Folder encryption,
• Database Audit Monitoring solutions
• Email and Web Phishing Prevention solutions.
• Vulnerability Management

Detailed Job Responsibilities

As the Specialist of the team, you will:

• act as the last level of escalation for the team members
• own Incident, Problem and change management process for the team
• assigns technical tasks and manages delegation
• animates the team to encourage collaboration and sharing of practices
• participates to recruitment process for the team

As the Specialist of your scope of activity, you will:

• is actively involved in incident management (fault investigation, resolution escalations of all monitoring alerts and user initiated problem calls/tickets) and request management
• Is the final technical approver for any changes into Data Security systems and is accountable for any technical changes in the environment from a RUN/BAU perspective
• Is involved in projects like End of Life, New Builds, migrations and technical upgrades of the solution managed by the team
• Participates in global Infra events (like Power down and DR Tests)
• ensures activity is performed in compliance with norms, standards, processes and procedures
• gathering required evidence using multiple forensic tools to investigate any data leak incident, conducting interrogation if required, case closure and reporting
• ensures documentation is up to date and relevant for use
• lead the continuous improvement initiatives
• responsible to drive and deliver root cause for any high severity issues
• Focus on automation and optimum use of the team to improve efficiency
• Maintain appropriate knowledge to ensure to be fully qualified to undertake the role.
• Complete all mandatory training as required to attain and maintain competence
• Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer.

Work Schedule

Work schedule is mainly focused to support Asia and EMEA (Paris) time zone; however, may have to support during non-offce hours for critical incidents or escalation as per the assigned on-call support requirements;

Rotational Shift schedule is followed;

• Work Hours: 2 PM – 11 PM SGT (with 1 week of General shift 9 AM – 6 PM SGT).

Qualifications and Profile

Functional

• 6+ years of IT Security experience in administration and management of IT Security technologies primarily on Antivirus, EDR and Endpoint Protection technologies such as, Symantec Endpoint Protection,McAfee, Windows Defender, Sentinel One or any other EDR solutions.
• Should be a bachelors/masters/engineering graduate or equivalent technical degree in Information Technology or Computer Science;
• Knowledge of different domains of IT Security;
• Working & hands-on experience in administering the IT Security Solutions;
• Must have experience in working in similar Production setup in Run (Operations) mode;
• Ability to apply risk based approach while working on assigned responsibilities;
• Experience in defining, implementing, and enforcing enterprise-level IT security policies for endpoint and data security solutions;
• Must have working experience in managing endpoint security solution for a Large enterprise level environment, working experience in financial organization is preferred;
• Excellent in analytical, communication and documentation skills;
• Ability to organize work and be able to priories work as per the needs of Production Operation's needs;
• Must have strong understanding of ITIL processes and comfortable working in process oriented environment;
• Ability to work independently and as well as a part of team and is able to work under minimal supervision;
• Should have time management skills and able to manage work in fast moving environment;

Technical

• Hands-on experience on Symantec Endpoint Protection (SEP), Windows Defender, SentinelOne;
• Highly proficient in Endpoint Protection, EDR and Email Security Solutions;
• Deployment, integration and administration experience of various Antivirus and EDR technologies:

- Symantec Endpoint Protection

- McAfee

- Windows Defender

- Sentinelone

• Must have experience in defining, designing and configuring AV Policies as per the business requirements;
• Deploy, upgrade and troubleshooting knowledge on AV and EDR solution;
• Scripting knowledge (Phyton, Regular Expression, Powershell) is desirable;
• Professional Certifications:

- CISSP certified is highly preferred

- Symantec Certified Specialist: SEPM (any version) is highly preferred.