Position : Asia Infrastructure Security Manager

Experience : 8Yrs to 14Yrs

Location : Bangalore

The Asia Infrastructure team is in charge of delivering the expected level of service to all the  internal clients within the region. Inside this matrix organisation, the Infrastructure Security Team is in charge to provide the proper level of Information Systems Security (ISS), from regulatory point of view, as well as all policy and rules that are defined at the Organization level.
The Asia Infrastructure Security Manager is in charge to coordinate, within the Region, the security related actions and studies. If applicable, he/she is the functional report for, and coordinates the actions of, the Local Security Officers in the various countries of his/her perimeter.
He/she logs the gaps between the current regional ISS situation and the security standards in place.
He/she ensures, together with the Local Security Officers, that the various regional/local technical teams are effectively producing the pre-defined dashboards, which sustain the issuance of the ISS reporting for the region.
He/she is the GTS regional contact person for the various Business Lines for all infrastructure-related security topics. He/she collects any local/regional requirement and coordinates locally with GTS skill teams all necessary actions to fulfil local, regional or global customer requirements, including but limited to ensuring security project progress, proper level of information and feedbacks.

Required Skills Set :
-  The assignment is based in Bangalore; however, the coverage is the entire Asia Pacific locations . Some travels may be required into the locations, as well as to Paris Headquarters.
-  Contributes to security audits and takes the ownership of the necessary actions to correct non-compliant situations
-  Coordinate audit process follow-up for entire Asia Region (make sure recommendations are closed within schedule date), provide regular reporting on audit issues
-  Provide assistance to Business/Lines auditees to close their recommendations
-  Contribute to the Security Intranet definition with topics referring to the region
-  Participate to creation of policies, guidelines and standards with local specifics when relevant
-  Communicate new policies, guidelines and standards
-  Define local/regional security standards and processes, has them validated by GTS CISO and ensures their application in his/her perimeter.
-  Ensure good implementation of global decisions at local levels
-  Participate in the governance of security projects
-  Perform risk-analysis on legacy systems and new projects
-  Perform regular risk assessments, including regular vulnerability Assessment (Nessus Scan, Pen Tests), produce scan reports, agree rectification plan with stream leaders according to SG policies.
-  In case of ISS incidents investigations on his/her perimeter; he/she contributes to their resolution and takes ownership of the reporting.
 - Coordinate the Risk Control and Self Assessment (RCSA) Questionnaire for Asia Region
-  Ensure Compliance and Legal compliance for Business/Lines IT
-  Informs the actors of his/her perimeter of any evolution of compliance rules
-  Contribute, maintain a local dashboard for permanent supervision
-  Coordinate permanent supervision in the region with regular governance with each site Chief Technology Officer (CTO) and GTS Stream Manager .
-  Consolidate permanent supervision reporting in entire Asia Region
-  Follow up implementation of the all controls in entire Asia Region
-  Follow-up reporting of the all controls in entire Asia Region