Junior Cyber Security Analyst

**Job Title** **:JuniorCyber Security Analyst (Identity & Access Management)**

**Position type** : Full time

**Place of work** : Bangkok, Silom

**Salary** : Negotiable

**Working conditions** : Normal working hours

**Department/Function** : Technologies & Operations

**Reporting to Title** : Head of Operational Security

**The company and the mission**:
BRED IT (Thailand) Ltd.is a wholly owned subsidiary of the French bank BRED Banque Populaire based out of Paris (BPCE Group).

BRED IT was established in 2008 with the objective to become the IT hub for BRED Group Commercial Banks in South East Asia, Pacific Ocean, and the Horn of Africa areas.

In parallel, BRED IT has expanded its activities since 2011 to also provide remote IT services to Paris Headquarters.

Today, with more than 200 employees, BRED IT fully supports Banque Franco Lao in Laos, BRED Bank Cambodia, BRED Bank Vanuatu, BRED Bank Solomon Islands, BRED Bank Fiji and Banque pour le commerce et l’industrie Mer Rouge (BCIMR) in Djibouti:
BRED IT hosts and manages all layers of BRED International Banks Information Systems: From Infrastructures to Applications (Core Banking, Internet/Mobile Banking, E-Payments ), on a 24x7 basis.

Half of the activity is currently performed for BRED Headquarters, with a focus on Projects (built with Java, COBOL, PHP, DataStage) and Production/Devops.

We are a unique company, thanks to our identity and our history: We place our expertise at the service of BRED Group and develop our activities with an entrepreneurial structure.

By putting BRED group best interests first, it allows us to deliver tailor-made solutions with high value-added.

**Main Objectives and Activities**

We are looking for a motivated, eager-to-learn, and detail-oriented Junior Cyber Security Analyst (Identity & Access Management) who is passionate about cybersecurity and ready to grow in a rapidly evolving environment. This is a junior position.

Within the Technologies & Operations department, you will join the Operational Security team to become a key player for the cybersecurity posture of the BRED International area. You will be mainly involved in the Identity & Access Management (IAM) activities to ensure that all the employees’ accounts are secured. Your work will consist in:

- Coordinating and following up the access rights review campaigns with all the BRED International entities.
- Maintaining, improving, and participating in the existing Identity & Access Management activities and workflows (_e.g., _accounts provisioning process, accounts de-provisioning process, definition of access rights profiles, and access rights reviews).
- Monitoring and auditing access controls and user activities.
- Conducting training and awareness programs on Identity & Access Management best practices, for all the BRED International entities.
- Collaborating with other teams and departments to integrate IAM solutions and best practices withing their existing systems.
- Participating in the deployment of the new Identity & Access Management software solution for the BRED International area, in tight collaboration with all the BRED International entities and BRED HQ.

As part of the Operational Security team, you will also have the opportunity to evolve to more technical cybersecurity activities, notably:

- Preventing, detecting, and responding to cyber threats, identifying areas of concern, and developing action plans to address them.
- Assessing and improving the overall security of the BRED International entities’ Information System (e.g., vulnerability management, systems hardening).
- Participating in compliance-related topics (e.g., regular external or internal audit campaigns).
- Conceptualizing new projects, acting as a gatekeeper for the integrity of the digital architecture and its connection to the site infrastructure.

**Education**
- Bachelor’s degree (BSc.) in Computer Science or Bachelor/Master’s degree of Business Administration (BBA/MBA) with a first experience in the IT industry.

**Language skills**
- Very Good Command of English (both speaking and writing) is mandatory.
- Working Knowledge of the French language would be a plus.

**Experience and Skills**
- 0 to 2 years of experience in the IT or cybersecurity field (including project manager or business analyst position).
- Strong analytical and interpersonal skills are expected, with the ability to synthesize and communicate with non-specialists, regularly.

**Technical Skills Required**
- Awareness of cybersecurity concepts (e.g., CIA triad, security risks management).
- Having a general understanding of the Identity & Access Management activities (provisioning, de-provisioning, access review, definition of access profiles) and concepts (e.g., access control models, identity lifecycle, federated identities, SSO) would be a plus.

**What we offer**:

- Attractive compensation (includes fixed and performance bonus)
- Hybrid working mode with 2 days work from home per week with fle