Standard / Permanent
• Cyber Risk Intelligence Manager, Americas Centre of Excellence
MISSION AND OBJECTIVES
The Information and Communications Technology (ICT) Risk department is part of the Group RISK ORC Functions within BNP Paribas. It is a part of the 2nd Line Of Defence (2LOD) under the Bank’s Chief Cyber & Technology Risk Officer.
Risk Intelligence plays an integral role in the intelligence driven risk assessment of banks security posture. The Risk Intelligence team is responsible for external engagement with peer groups and information security circles regarding cyber threats to proactively assess and issue an independent risk perspective on cyber threats such as intrusions, malware, unauthorized access, insider attacks and loss of proprietary information. This includes developing a deep understanding of global threat actors.
Cyber Risk Intelligence Manager (CIRM) within the ICT Risk Intelligence team provides intelligence support to ICT Risk and business stakeholders. CIRM needs a sharp intellect, an eye for detail, a high analytical capability and a good technical/cyber underpinning. CIRM is able to work autonomously, using sound judgment to decide which leads to pursue and prioritize threat assessments and workload accordingly. An interest in cyber, current affairs and technology is essential.
Risk Intelligence Specialists provide insights on to the ICT Risk Team as well as to stakeholders in the company. These analysts need to have a strong understanding of cybersecurity and ICT risks, a great deal of attention to detail and excellent analytical capabilities, as well as good technology and computer skills. Risk Intelligence Specialists are able to work autonomously, demonstrate strong judgment when choosing ways to follow and prioritize the assessment of threats and the corresponding workload accordingly. The incumbent must be interested in the computer world, news and technology.
As a Cyber Risk Intelligence Specialist, you are directly addressing the risks of risk information and working with key stakeholders involved in IT security and ICT risks. You acquire a thorough understanding of the company's global cyber security activities and, in order to protect it, provide information on the very significant risks. Applicants with experience in the investment bank sector, banking services, or banking will be significantly more advantageous.
• Produce threat assessments and participate in the risk information team's specific projects.
• Search the visible Web and the invisible Web (dark/deep Web), identify new sources of threats and learn about them.
• Understand all of the cyber threats facing the Bank, provide regular studies and analysis on the subject, and keep abreast of market trends and the latest relevant products in this area.
• Participate in the preparation of risk information reports by providing detailed analyses of cyber events, including relevant political, economic and geopolitical variables. Provide forward-looking views of key cyber risks and predict the strategic intentions, goals and objectives of cyberadversaries.
• Maintain detailed profiles of cyberadversaries by indicating what interests them, their relevance to the Bank, their tactics, techniques and procedures, their intentions, goals, and strategic objectives.
• Consider all threats by monitoring visible and invisible sources of information and contributing regularly to threats on threats.
• Contribute to written and oral presentations and presentations for ICT risk teams and teams from various sectors of activity.
• If necessary, participate in projects or initiatives related to ICT risks to acquire an overall vision of the global ICT risk team.
• Analyze a large amount of data to produce reporting parameters on the Internet
• Assist, when relevant, to conferences on cyber security, information exchange sessions and peer group meetings to better understand cyber threats
• Carry out any other assigned tasks
TRAINING AND OCCUPATIONAL EXPERIENCE
• University degree (B.A or B.Sc.) in information technology or similar training and experience.
• Minimum of 4 years of experience as information security officer or analyst.
• Relevant professional qualification in information security, such as CISSP, CISM, CRISK, CEH or Security+
• Experience in the creation of official documents, including presentations, reports and procedures
ESSENTIAL SPECIFIC REQUIREMENTS
• Ability to present documentation professionally in a well-structured format
• Good mastery of MS Office suite (basic applications)
• Tool Utilization Experience Table
• An excellent and manifest knowledge of cybersecurity and understanding of the principles of information analysis
• An excellent understanding of the concepts of networking and information security, including emerging attack threats and methodologies
• Experience within the intelligence community or an international institution conducting work in the fields of cyber intelligence or security intelligence
• Practical knowledge of all threats to international security and good knowledge of tactics, techniques and procedures used by the Bank's cyber-opponents
• Understanding of the terminology and tactics used by threats
• Understanding the principles of cyber security, cyber risk and cyber threats
• Operating its sense of initiative in managing its research efforts
• Experience in the financial sector
SKILLS AND BEHAVIOURS
• Role of model, promotion of a culture of good conduct and contribution to maintaining such a culture
• Proactivity, transparency and clear accountability for the determination and management of behaviour risks
A recruitment policy that promotes equity and diversity:
Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.
We pride ourselves in applying non-discrimination rules to all our recruitments.
We will only contact the candidates selected who meet the job requirements in terms of training and experience.
About BNP Paribas
BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 73 countries, with more than 195,000 employees, including more than 148,000 in Europe. The Group has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. The Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realise their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, the Group has four domestic markets (Belgium, France, Italy and Luxembourg) and BNP Paribas Personal Finance is the leader in consumer lending. BNP Paribas is rolling out its integrated retail-banking model in Mediterranean countries, in Turkey, in Eastern Europe and a large network in the western part of the United States. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas also enjoys top positions in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific.
About BNP Paribas in Canada
In Canada, BNP Paribas is one of the dominant foreign banks in the country and is committed to building its platform even further. Since becoming the operational hub for the Group’s activities in North America in 2013, it has grown significantly to reach more than 700 employees and is expected to continue growing in the coming years. With the continued development of technology and financial fields, BNP Paribas Canada continues to attract experts with diverse backgrounds as well as young and ambitious talent from across the globe. With the international mobility and capacity that very few companies can offer, BNP Paribas prides itself in providing a superior foundation for building a professional career - a place for people to learn, to achieve and grow.