Job Description

About BNP Paribas Group:

BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centered on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions.

About Business line/Function :

The Transversal team in Global Banking IT provides services IT Risk, Security and Control services for the application development teams present in ISPL. The team is responsible to help monitor, govern, guide and report on the IT security, Risk and control adherences for the application in scope of the team.

Job Title:

IT Security, Risk & Control Lead - Manager / AVP

Date:

Department:

Global Banking IT

Location:

Nirlon Knowledge Park, Mumbai

Business Line / Function:

Global Banking \xe2\x80\x93 Transversal Management

Reports to:

(Direct)

Grade:

(if applicable)

(Functional)

Number of Direct Reports:

NA

Directorship / Registration:

NA

Position Purpose

The Governance Lead role is to ensure the appropriate and robust IT Security, Risk and Control polices, processes are implemented & adhered-to by all stakeholders in the department. They would be responsible to monitor, report and assist teams in being compliant with the policies laid out by the Bank.

Function as the single point of IT contact for key elements such as enterprise IT policy governance, enterprise IT strategy, IT internal audits, and IT risk acceptance.

Responsibilities

Direct Responsibilities

Ensure strong and effective Risk Management\xe2\x80\x93 including operation risk

Manage transformation, improvement & control initiatives aligning with global strategies. Ensure strong collaboration and partnership of Global Banking \xe2\x80\x93 ISPL with responsible global teams

Help develop and implement processes to assess and/or monitor the effectiveness of Application\xe2\x80\x99s IT Security, risk and control procedures to ensure adherence to standards and policies as appropriate. Contribute to all aspects of the delivery lifecycle to provide guidance to the teams that ensures secured development of applications

Create and share reports with IT management, identifying and highlighting observations and suggesting options and recommendations

Serve as an expert to guide & review security testing requirements for applications in scope

Provide technical expertise testing to project teams guiding them when needed

Contributing Responsibilities

Collaborate with other ISPL functions to identify and implement consistent and effective approaches to security, risk, governance and control-based activities

Technical & Behavioral Competencies

Strong understanding of Application security including DevSecOps framework. Good knowledge of OWASP, OSSTMM, SANS and other application security standards and best practices

Strong understanding of IT Risk Management

Expert level understanding of application security practices

Keen desire to be at the leading edge of technology and process practices

Ability to work under minimal supervision

Strong analytical, interpersonal skills

Must have the ability to interact professionally with a diverse group of developers, tester engineers, and managers. Ability to work well with culturally diverse global teams

Excellent written and oral communication skills

Specific Qualifications (if required)

Minimum 7 years of relevant experience and proven accomplishments in IT security, Risk & Controls

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to deliver / Results driven

Attention to detail / rigor

Adaptability

Ability to share / pass on knowledge

Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to anticipate business / strategic evolution

Ability to manage a project

Ability to manage / facilitate a meeting, seminar, committee, training\xe2\x80\xa6

Ability to inspire others & generate people\'s commitment

Qualifications

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 10 years

Other/Specific Qualifications (if required)

Relevant industry recognized security or Risk certifications like CISSP / CISM, etc.

BNP Paribas