La banque d'un monde qui change

Nous recherchons un

Associate - IT Continuity & IT Security

Postuler REF: IND000212

BNP Paribas Group is a leading European bank with a strong global footprint across 72 markets and more than 202,000 employees. The Group provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships”.


About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas Group, a leading bank in Europe with an international reach. With delivery centers located in Mumbai and Chennai, we are a 24x7 global delivery center. We partner various business lines of BNP Paribas such as Corporate and Institutional Banking, Wealth Management, Retail Banking through three verticals - Information Technology, Operations and Finance Shared Services.


About Business line/Function : BP2S IT Risk and Cyber Security 


Security risk management policy (SRM-L2-00), and aligned with the Group 2OPC approach related to risks cartography (CG0121EN and COP0028EN).


Cross references to Risk analysis methodology user guide (SRM-L4-01) are also provided to aid comprehension of the risk analysis methodology proposed by GGS (which is based on EBIOS methodology).


Risk level is the combination of the severity of impacts (or consequences), that can be assessed through the Impact Severity Matrix sheet, and of the likelihood for a feared event, that can be assessed though the likelihood Matrix sheet.


For Impact study please consider the below support information:


Impact severity level is used to assess risk level (in combination with likelihood of threat scenarios) and relies on the potential consequences of a feared event on an essential asset (to be assessed by the business).


 For a feared event, the severity level can be different depending on each type of impact. Hence, the final severity level for each feared event should correspond to the highest severity level assessed amongst all impact types;


 Criticality of assets is bound to security needs, to be evaluated for Confidentiality, Integrity, Availability, and Traceability (combines Non-repudiation and Authenticity);


 Sensitivity is used to describe the criticality of data and information. Sensitive data hence means that this data or information is a critical asset, in particular in terms of Confidentiality (but it may also concern other security needs);


 Although impacts with high severity levels are more likely when essential assets are concerned, criticality level is not directly used to calculate risk level (severity level is used instead).




Position Purpose

To Manage BP2S Global IT Continuity activities from Chennai as extended team of Paris CYBER Security team.

Direct Responsibilities

·   To consolidate and maintain the list of the critical IT assets of the entity;

·   To ensure the quality of the IT Continuity data in referential;

·   To monitor the plans of regular exercises;

·   To consistently follow-up and chase for open topics until closure is achieved;

·   To collect IT Continuity documentation and evidences from projects, studies and IT production from all locations;

·   To interface with permanent control agents and teams to provide required evidences.

Contributing Responsibilities 

IT Continuity Assistant

The Information Continuity Specialist’s mission is to participate in the overall management of IT Continuity risks and mitigation measures.

He/She fosters the community of BNP Paribas Securities Services IT Continuity in close connection with Group business continuity, the Group Security and permanent control.

He/She plays a part of coordination and assistance on the IT area in order to ensure the good professionalization and the organization based on the requirements, methodologies and tools used.

He/She has the role of monitoring and controlling the IT Continuity within the entity, to collaborate and communicate with the IT Continuity Teams in other locations.




Primary Location: IN-TN-ChennaiJob Type: Standard / PermanentJob: PROCUREMENT OR SECURITY OR FACILITIES MANAGEMENTEducation Level: Bachelor Degree or equivalent (>= 3 years)Experience Level: At least 3 years Behavioural competency: Ability to collaborate / Teamwork, Proactivity, AdaptabilityTransversal competency: Ability to understand, explain and support change, Ability to develop and leverage networks, Analytical AbilityReference: IND000212