BNP Paribas is a leading European bank with an international reach. It has a presence in 73 countries, with more than 192,000 employees - including more than 146,000 in Europe and over 4,000 in Portugal alone.
BNP Paribas is present in Portugal since 1985, having been one of the first foreign banks to operate in the country. Today, BNP Paribas has several entities operating directly in this territory, offering a wide range of integrated financial solutions to support its clients and their businesses.
Worldwide, the Group has key positions in its three main activities : Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises : corporate clients and institutional investors.
The Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporate and institutional clients) to realise their projects through solutions spanning financing, investment, savings and protection insurance.
The Information and Communications Technology Risk department (ICT) is part of the Group Risk Functions within BNP Paribas.
It is a part of the 2nd line of defense under the Bank's Chief Cyber & Technology Risk Officer. Among others, the department has responsibility for identification of key technology risks to the Bank and influencing business and technology partners to take sound risk management decisions.
This is achieved by delivering :
Tracking issues and agreed actions to completion.
Examples could be assessments of the firewall change process, applications processing, applications hosted in the cloud, etc.
or our Internet connectivity.
Risk Measurement within RISK ORC ICT in one of the activities of the Information and Communications Technology (ICT) Risk department.
BNP Paribas is looking for Lead auditor for the Application Risk Control and assessment, which will help of the team to identify and reduce risks on the information system (alignment of strategy with business needs, software development life cycle, IT project management, IT architecture, IT security, etc.
and thus improve the Bank business as usual.
ROLE AND RESPONSIBILITES
The candidate is responsible for the development and operation of worldwide ICT applications controls risk assessments activities inside Risk Measurement.
These assessments will be top-down risk assessments starting at an IT process level down to technical components.
The IT process risk assessor will perform assessments on its own or participate to assessments performed with other Risk Measurement teams.
The team can bring value on scoping risks or transforming technical risks into business risks - for Retail, Investment Bank, Insurance, and other.
RISK ORC ICT is in a start-up mode. The role will help create the function, develop methodologies and train other teams.
There is a need to consolidate some of the other existing Operational, IT & Cyber risk functions from other teams, so an influencer and trust builder who can sell a value proposition is important. Planned activities are :
Governance and Oversight
Risk Management Environment
Data capture and operational risk reporting should be continuously enhanced and provide a feedback loop to enhance risk management policies, procedures and practices.
Assess operational risk response strategies. Validate risk transfer options.
Provide updates on regulatory and financial disclosure while complying with external and regulatory communications standards and disclosing the operational risk management framework of the bank in a manner that complies with the formal disclosure policy approved by the board of directors.
Control of concepts related to network infrastructure and information security, including emerging threats and attack methodologies, in particular :
Please note that only applications submitted in English will be considered.
In case you are selected for this role, further documentation will be requested to support your hiring process.
BNP Paribas is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity, race, religion or belief, sex or sexual orientation.
Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency which in turn increase performance and productivity.
We strive to reflect the society we live in, while keeping with the image of our clients.