Job Description – IT Risk Analyst

About BNP Paribas Group:

BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centred on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions.

About Business Line/Function:

FRESH is a unique community of Finance and RISK Projects & Systems along with their related IT teams.

Job Title:

IT Risk Analyst






Business Line / Function:


Reports to:



(if applicable)



Number of Direct Reports:

Directorship / Registration:


Position Purpose

The main responsibility of cybersecurity personnel is to develop and implement integrated solutions within the IT risk management policy approach.



Direct Responsibilities

  • Define and implement the requirements regarding IT Risk within the framework of the entity’s projects and IT system development projects
  • Help monitor and manage non-compliance issues related to IT Risks
  • Coordinate the implementation of IT Risk solutions for risks related to ADM of information systems
  • Monitor the IT risk process execution based on central risk register oversight
  • Perform IT risk reviews within ADM operational staff on a regular basis
  • Ensure that cyber security, operational risk and remediation plans are properly managed
  • Identify shadow/light IT situations and support ADM teams to assess the residual risk level
  • Ensure that the entity’s risk profile is a key decision-making instrument for IT risk management
  • Execute risk and continuity permanent controls based on group generic ICT control plans
  • Define a communication, training and/or IT risk awareness raising program
  • Assist and provide advisory services for ADM operational staff
  • Prepare reports, risk measurements and the relevant management information

Contributing Responsibilities

  • Contribute to overall department and ISPL Vision goals as directed by Dept. head and Manager
  • Participate in the monitoring of the IT risk management framework in the entity
  • Build a thorough understanding of the global cybersecurity posture of the Bank in order to provide high-impact risk analysis to protect the firm.
  • Contribute to classifying the applications based on data confidentiality, integrity, availability and traceability, in order to obtain an end-to-end view of the most critical IT assets/sensitive data.
  • Contribute towards the identification of KPIs for the Operational Resilience Dashboards. Publish the dashboard on a regular basis.

Technical & Behavioral Competencies

Functional Skills

  • Experience in IT Risk and Cyber Security domains in a financial institution, demonstrating a high level of commitment and self-motivation.
  • Knowledge of the Finance & IT industry with strong exposure to IT Operations, Application Security and Business Continuity.
  • Risk knowledge and awareness of risks combined with enthusiasm and a genuine interest in the role of Risk Assessment, Risk Analysis in business and providing Risk Opinion as a subject matter expert.
  • Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.

Technical:

  • Good understanding of organizations and IT Businesses
  • Extended knowledge of end-to-end IT Security concepts
  • Good technical understanding of infrastructures and IT Security Productions and Systems
  • IT risk analysis and management methods
  • Knowledge of Cyber Resilience, IT continuity and business continuity
  • GRC - Governance, Risk Management and Compliance Management.

Behavioral:

  • Strong communication, analytical and problem-solving skills.
  • Must be able to handle end users in a confident, positive and responsive manner
  • Proven organizational skills with excellent multi-tasking, result-oriented and prioritization skills
  • Good documentation and reporting skills
  • Ability to work independently
  • Strong communication and interpersonal skills, able to communicate and relate easily with IT, Finance and back office users
  • Attention to detail and accuracy
  • Capacity for creativity and innovation
  • Self-discipline

Specific Qualifications (if required)

  • B.E. / B.Tech (ideal) / BSc
  • One or more industry-recognized information security certifications such as CISSP, CISA, GCCC, CISM or CRISC.
  • Experience in IT Risk Management
  • IT Auditing (ISO 27001, ISO 27005)
  • Regulatory Compliance

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Attention to detail / rigor

Critical thinking

Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to understand, explain and support change

Ability to develop and adapt a process

Ability to anticipate business / strategic evolution

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 5 years


Primary Location:

Job Type:

Standard / Permanent

Education Level:

Bachelor Degree or equivalent (>= 3 years)

Experience Level:

At least 5 years

LS IT Risk -002
