About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.
About BNP Paribas Group:
BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability
Commitment to Diversity and Inclusion
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.
About Business line/Function:
The CIB Production team supports IT Infrastructure and Application production support function is based out of India and provides support services to global regions.
Job Title:
IT Risk Officer
Date:
Department:
IT Production
Location:
Mumbai
Business Line / Function:
CIB IT
Reports to:
(Direct)
Grade:
(if applicable)
(Functional)
Number of Direct Reports:
3
Directorship / Registration:
NA
Position Purpose
IRM is responsible to maintain the IT Risk Framework and its associated controls and reporting. This role is responsible to evaluate overall information technology risk, maintain an active view, and report on the actual, mitigated, and residual risk in the technology organization. All Risk & Control closure activities are coordinated through this role, including the actual submissions for closure.
Responsibilities
Direct Responsibilities
- Serve as liaison to auditors, consultants, and the bank Compliance Committee regarding documentation and review of IT Infrastructure domains.
- Collaborate with internal & external stakeholders to execute central & local OPC controls, develop corrective action plan for control gaps, and ensure closure meets BNP Paribas requirements or industry best practices.
- Mitigate risk by analyzing the root cause of issues, impacts to business, and required corrective actions and develop technological and security solutions to cover all IT Infrastructure risks.
- Timely escalation to Senior Management on the open gaps, which are unresolved and pose IT Infrastructure risk to the organization compliance.
- Ensure compliance against statutory obligations and seek opportunities to enhance the efficiency of the IT Infrastructure policies and procedures. Play security advisory and counsel role as needed.
- Create awareness across the organization on the developments within IT domain based on the policies, procedures and guidelines issued by Group / Regional / Territory Management.
- Represent IT Infrastructure & Production at various security & control governance forums. Review and submit IT Infrastructure reports and ensure actions are closed.
- Maintain ISO 9001:2015 and ISO 27001:2013 certifications for IT Infrastructure & Production department.
Contributing Responsibilities
- Contribute to the Risk and Control Self-Assessment for the risks emanating for IT Infrastructure & Production department.
- Preparation of presentations for various governance & controls forums.
Technical & Behavioral Competencies
- 10 years or more of IT Infrastructure / Audit experience, preferably with a Financial Services, Brokerage, or Public Accounting Firm.
- Strong technical and analytical skills and willingness to learn and keep up with industry, regulatory and technical developments.
- A detailed understanding of Cyber Security, Governance & Controls and experience at least one of the following: vulnerability and patch management; threat intelligence and information sharing; secure application development; intrusion detection and incident response; security logging and monitoring and analytics; identity management and access control; encryption and data protection; data leakage prevention and digital rights management.
- Ability to collaborate with Technology, Production Security and IT Security and work within a team.
- Strong written and verbal communication skills. Risk Reporting & Metrics skills are required. Must be able to summarize and communicate technical data to a non-technical audience.
- Bachelor’s Degree (Computer Science or IT related preferred)
- Minimum one certification is mandatory - CISA, CRISC, CISSP & other relevant certifications.
Specific Qualifications (if required)
Skills Referential
Behavioural Skills : (Please select up to 4 skills)
Creativity & Innovation / Problem solving
Communication skills - oral & written
Ability to collaborate / Teamwork
Ability to synthetize / simplify
Transversal Skills: (Please select up to 5 skills)
Analytical Ability
Ability to understand, explain and support change
Ability to manage a project
Ability to set up relevant performance indicators
Ability to develop and adapt a process
Education Level:
Bachelor Degree or equivalent
Experience Level
At least 10 years
Other/Specific Qualifications (if required)
NA