Project Manager (Vulnerability Management)

Company:

Sopra Steria is a listed European tech leader specializing in Consulting, Digital Services, and Software. With 60,000 employees worldwide across Europe, North America and Asia, Singapore serves as the HQ for our APAC operations. We focus on delivering Infrastructure, Cloud and Cybersecurity services across the region.

Description:

For this opportunity, we are looking for a Project Manager to assist one of our client – a leading global investment bank.

The APAC Production Security department is responsible for most IT Security activities for the group in Asia Pacific region, such as:

1.       IT Production Security Governance, Project Management & Risk management

2.       Network Security and Security Design & Architecture

3.       Vulnerability & Compliance Management

4.       Identity and Access Management: authorization, authentication, control of Privileged Access

5.       Production Computer Security Incident Response Team,

6.       Detection & Security Information & Event Management Engineering

7.       Production support of the security platforms and tools

As the APAC Safety & Trust Programme Project co-ordinator for Infrastructure Vulnerability Management (IVM), candidate will pilot all the regional efforts related to the global project for Vulnerability and Compliance Management by extension of the Programme Lead and incumbent IVM APAC team. The ideal candidate must possess strong organization and stakeholder’s management skills, a solid background in IT security, including prior experience leading regional programs, establishing governance, and overseeing operations related to vulnerability management.

Responsibilities:

• Co-ordinate with the regional stream of the global vulnerability and compliance management project
• Assist in the establishment of the project’s governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
• Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
• Partner with & manage local stakeholders to ensure organizational and procedural efficiency
• Oversee & support the Business IT departments’ remediation activities governance
• Assess, report and address the security risks arising from vulnerabilities & compliance deviations
• Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
• Report regularly to global, regional & local stakeholders including C-level status of the project
• Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
• Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
• Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead

Contributing Responsibilities:

• Develop and maintain relationships with all projects stakeholders, including local, regional and global IT teams, business IT teams, Security Risk Management teams and C-level
• Improve the efficiency of global procedures for Vulnerability & Compliance management
• Contribute to the Bank compliance with regulatory requirements and internal policies
• Provide guidance and support for IT infrastructure projects related to vulnerability management
• Contribute to the control frameworks in day‐to‐day business activities, such as Control Plans,
• Participation in Audit interview and preparation and delivery of requested evidences
• Participate in daily stand-up and other Scrum rituals for the IVM tools supporting the activities
• Provide and consolidate BAU and Project KPI progress for the IVM APAC SteerCo
• eview and assist in Visualization reports evolutions to support IVM-related remediations effort in APAC

Requirements

Technical

• Deep understanding of vulnerability assessment and remediation methodologies
• Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
• Proficient in infrastructure security best practices, technologies and security concepts
• Program and project management expertise, capacity to lead hybrid project methodologies
• Advanced skills on MS PowerPoint
• Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc.

Behavioral

• Excellent interpersonal and communication skills; ability to influence and motivate
• Strong leadership and project management skills
• Strong teamwork and collaboration skills
• Successful people management experience
• Strong problem-solving and analytical skills

Specific Qualifications:

• Bachelor's degree in Computer Science, Information Systems, or related field
• 5+ years of experience in IT security with a focus on vulnerability and compliance management
• 3+ years of experience in a leadership or management role
• Proven experience on Vulnerability Management activities in Financial Institution environment;
• Technical knowledge and hands on experience with vulnerability management products
• Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
• Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)

Benefits

• Regular team buildings
• 18 leave days / Year
• Health Insurance
• Annual bonus
• Working hours: from 9am to 6pm, Monday to Friday
• E-learning and certifications paths