About BNP Paribas Group:


“BNP Paribas Group is a leading European bank with a strong global footprint across 72 markets and more than 202,000 employees. The Group provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships”.



About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas Group, a leading bank in Europe with an international reach. With delivery centers located in Mumbai and Chennai, we are a 24x7 global delivery center. We partner various business lines of BNP Paribas such as Corporate and Institutional Banking, Wealth Management, Retail Banking through three verticals - Information Technology, Operations and Finance Shared Services.

About Businessline/Function :

CIB Security & IT Risk provides information security services for the BNP Paribas Group. The IT Security Professional role is based in Mumbai and will work as part of a global team covering security risks and associated activities in multiple locations across EMEA, AMER & APAC.

Job Title:

Information Security Professional


4 June 2019


CIB Security & IT RISK


Infinity Mumbai

Business Line / Function:

Reports to:



(if applicable)


Number of Direct Reports:


Directorship / Registration:



Position Purpose

The purpose of the position is to help with the information security topics mentioned in the direct responsibilities.


Direct Responsibilities

  • Good Understanding of Information Security Concepts and Strategies.
  • Ability to liaise with cross functional stakeholders globally.
  • Knowledge of Data Classification and Data Masking Techniques and Mitigation Strategies.
  • Working knowledge of Data Security tools like Delphix, DLP, Titus, AbInitio, Archer, etc.
  • Well-verse in conducting Security Review, Assessments and providing recommendations.
  • Experience in developing content and conducting Security awareness training.
  • Experience in Process Improvement, Controls Enhancement and Reporting.
  • Good understanding of data protection regulations and impact on IT landscape
  • Providing advice and guidance to the Technology stakeholders on risk and control matters
  • Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate.
  • Providing independent expert advice to the IT areas on application & data risk issues.

·       Engaging with Firm wide risk and control groups, including internal audit and territory control teams

·       Working with Technology stakeholders (including Production Support and Development teams) to identify the top technology IT risks impacting the firm and formulating appropriate remediation strategies based on full understanding of business exposure and compensating controls.

·       Executing IT risk assessment reviews, identifying controls gaps and working in collaboration with subject matter experts to devise appropriate mitigation plans.


Contributing Responsibilities

·       Monitoring and oversight of existing IT risks, working collaboratively with stakeholders in ensuring plans are managed within timescales and escalating where appropriate.

·       Managing relationships with Business and IT teams, chairing periodic meetings and being a point of contact for escalating to wider team members.

·       Contribute relevant information technology risk information as required by group reporting.

·       Assistance with drafting of risk acceptance statements and coordinating sign-off from business and IT stakeholders.

·       SPOC for security architectures meetings.

Technical & Behavioral Competencies

-       Excellent Inter personal and presentation skills

-       Strong project  and resource management

-       Strong in verbal and written communication

-       Clear understanding of application and data security

-     Security understanding or experience in cryptography, key management, ciphers

-     Must be flexible, independent, self-motivated

-       Good analytical skills

Specific Qualifications (if required)

-       CISSP or CISM or CRISC mandatory

-      Technical Graduate (Computer Science) Preferable.


Skills Referential

Behavioural Skills:

Ability to collaborate / Teamwork

Critical thinking

Communication skills - oral & written

Ability to deliver / Results driven

Transversal Skills:  

Analytical Ability

Ability to manage a project

Ability to develop others & improve their skills

Ability to manage / facilitate a meeting, seminar, committee, training…

Choose an item.

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 7 years

Other/Specific Qualifications (if required)

Primary Location
Job Type
Standard / Permanent
Education Level
Bachelor Degree or equivalent (>= 3 years)
Experience Level
At least 5 years

Pourquoi je candidaterais ?

Pour quelles raisons je rejoindrais BNP Paribas et pas une autre entreprise ?

Parce que je souhaite...

  • Et si on vous disait que travailler dans notre Groupe, ce n’est pas ce que vous croyez ? Chez BNP Paribas, on exerce une multitude de métiers qui évoluent en permanence pour être en phase avec les attentes des clientes et clients comme de la société.

  • Se sentir bien dans son job, c’est avant tout venir travailler comme on est.  C’est aussi avoir les moyens d’un bon équilibre entre sa vie professionnelle et sa vie personnelle. Deux engagements majeurs pour BNP Paribas.

  • Chez BNP Paribas, le développement de vos compétences est essentiel, pour vous comme pour nous. Et cela vous servira pour toute votre vie professionnelle.

En savoir plus