Retour à la liste des offres
Nous recherchons un

ICT Controls Testing Lead- AVP/VP1

Temps plein
BNP Paribas
Niveau d'expérience
6 à 10 ans
Niveau d'études
Niveau BAC+2/3

About BNP Paribas Group:

“BNP Paribas Group is a leading European bank with a strong global footprint across 72 markets and more than 202,000 employees. The Group provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships”.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas Group, a leading bank in Europe with an international reach. With delivery centers located in Mumbai and Chennai, we are a 24x7 global delivery center. We partner various business lines of BNP Paribas such as Corporate and Institutional Banking, Wealth Management, Retail Banking through three verticals - Information Technology, Operations and Finance Shared Services.

About Businessline/Function :

RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational risks within the mandate of the RISK function, is organized, under the responsibility of the Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network.

Under the authority of the Pole’s Manager, RISK ORM Network is made up of all the Operational Risk Officers (OROs) acting as the 2nd line of defense within the Group’s operational entities (Poles, Business Lines, Functions, transversal Activities).

Job Title:

ICT Controls Testing Lead


21 November 2022





Business Line / Function:

Group RISK ORM Networks

Reports to:


Head of GF-Group RISK ORM Network, India CoE


(if applicable)



Group Head of ICT Controls Testing

Number of Direct Reports:


Directorship / Registration:


Position Purpose

The below requirement is for the ICT Controls Testing Lead role which part of the RISK ORM Network. The individual will be part of The Bank’s 2nd line of defense function, and they will be responsible for testing the deployment, and effectiveness of the IT and Cyber controls globally.

The position is based in India Solutions Pvt. Ltd. (ISPL), Mumbai and reports to Head of GF-Group RISK ORM Network, India CoE, plus functionally to Group Head of ICT Controls Testing.


  • Manage the delivery of the COE India team dedicated to performing the check and challenge on the execution of ICT controls (verification, re-performance, direct controls testing) requiring technical and business expertise from the Group RISK function.
  • Ensure completion of the testing and adherence to the internal timelines.
  • Draft high quality reports containing the assessor’s opinion on the ICT control gaps, and recommendations for improvement, post completion of an assignment.
  • Participate to the performance of the independent testing of ICT controls (ITGC controls testing) to determine the design effectiveness, and operating effectiveness of IT and Cyber controls.
  • Contribute to the industrialization and automation of RISK ORM ICT control testing services by development of methodologies / tools for the achievement of assignments.
  • Review and assist with the evaluation of control deficiencies and provide practical recommendations for remediation.
  • Proactively contributes to the usage and enhancement of Group tools for 2LOD control testing.
  • Provides upon request of business or the Operational Risk officer(s), advice on ICT controls related to IT and cyber risk management.
  • Actively participates in the monitoring of the 2LOD ICT control results, and their reporting to senior management.
  • Work in collaboration with other stakeholders from business and RISK ORM teams to contribute towards influencing the ICT risk culture of The Bank.
  • Identify areas of improvement for ICT control testing, and assist with the enhancement of the methodologies / tools for carrying out the ICT controls testing assignments.

Improve the effectiveness of the Internal Controls programme by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities

Technical & Behavioral Competencies


Skills Required

  • 7-10 years of experience in IT audit / ITGC controls testing / technical assessments, preferably in the areas of Cyber and Technology domains in a financial institution.
  • Must be able to interface and coordinate work efficiently, and effectively with business partners.
  • Excellent analytical skills – being able to come to a thoughtful and business focused conclusion quickly.
  • Good communication, listening and influencing skills, including ability to articulate complex issues and incorporate feedback.
  • Ability to manage their workload independently to meet their targets, and priorities set in conjunction with management.
  • Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.
  • Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done.
  • Being rigorous and thorough – especially when logging and tracking issues through to conclusion.
  • Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business.
  • Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate.
  • Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework.
  • Team player – focus on the success of the whole team. Working well both with others, as well as individually.
  • Ability to work under strict timelines and at pressure situations to manage the delivery.
  • Open to work under global time zones as required for workshops or stakeholder discussions.

Skills Preferred

  • Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements.
  • Is self-aware, anticipates problems, adapts and meets them head on.
  • Strong stakeholder management, relationship building, influencing, facilitating and presenting skills.
  • Is solutions focused – measures their output on whether issues, problems or challenges are resolved as a criteria for success.


  • University degree (technical), and/or certification such as ISO27001, CISA.
  • Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change management, outsourcing, vulnerability management, cloud security, etc.).


Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.

Specific Qualifications (if required)

referred Qualifications / Certifications :

  • University degree and/or certification such as CISSP, CISA, ITIL, CISM or CRISC.
  • Professional qualifications relevant to Risk Management, Information Security and securing emerging technologies such as cloud, mobile, product development lifecycle.
  • Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements.
  • Is self-aware, anticipates problems, adapts and meets them head on.
  • Strong stakeholder management, relationship building, influencing, facilitating and presenting skills.
  • Is solutions focused – measures their output on whether issues, problems or challenges are resolved as a criteria for success.

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Attention to detail / rigor

Personal Impact / Ability to influence Ability to collaborate / Teamwork Ability to deliver / Results driven

Transversal Skills: (Please select up to 5 skills)

Ability to develop others & improve their skills

Ability to inspire others & generate people's commitment

Analytical Ability

Ability to anticipate business / strategic evolution

Ability to develop and leverage networks

Primary Location
Job Type
Standard / Permanent
Education Level
Bachelor Degree or equivalent (>= 3 years)
Experience Level
At least 7 years

Découvrez les métiers de BNP Paribas : Audit, Conformité, Risques et Juridique

Le paysage réglementaire de notre secteur évolue rapidement et nous nous devons d’être irréprochables ! Pour exercer un métier à fortes responsabilités et prendre part à des décisions stratégiques pour le bon fonctionnement de BNP Paribas, découvrez les opportunités offertes dans les métiers de l’audit, de la conformité, des risques et du juridique.

En savoir plus

Pourquoi je candidaterais ?

Pour quelles raisons je rejoindrais BNP Paribas et pas une autre entreprise ?

Parce que je souhaite...

  • Et si on vous disait que travailler dans notre Groupe, ce n’est pas ce que vous croyez ? Chez BNP Paribas, on exerce une multitude de métiers qui évoluent en permanence pour être en phase avec les attentes des clientes et clients comme de la société.

  • Se sentir bien dans son job, c’est avant tout venir travailler comme on est.  C’est aussi avoir les moyens d’un bon équilibre entre sa vie professionnelle et sa vie personnelle. Deux engagements majeurs pour BNP Paribas.

  • Chez BNP Paribas, le développement de vos compétences est essentiel, pour vous comme pour nous. Et cela vous servira pour toute votre vie professionnelle.

En savoir plus