Retour à la liste des offres
Nous recherchons un

Project Manager - Risk and Cybersecurity

Horaires
Temps plein
Marque
BNP Paribas Wealth Management
Niveau d'expérience
6 à 10 ans
Niveau d'études
Niveau BAC+2/3
Désolé, cette offre est déjà pourvue
Mise à jour le 25.01.2024

About BNP Paribas Group:

BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centred on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions.

Job Title:

IT Risk & Cybersecurity Project Manager

Date:

10 Nov 2023

Department:

Wealth Management

Location:

Chennai

Business Line / Function:

ITRCS  (WMIS IT Risk and Cybersecurity Governance Office)

Reports to:

(Direct)

NA

Grade:

(if applicable)

(Functional)

Number of Direct Reports:

NA

Directorship / Registration:

NA

Position Purpose

The main responsibility of IT Risk & Cybersecurity Project Manager is to support the implementation of security controls into the organization, i.e. to its IT assets, IT projects, staff, territories and third parties.

The incumbent will manage an IT asset classification & remediation project. Based on their classification, each IT asset needs to comply with security controls. When facing to non-compliances, the incumbent will define and drive remediation actions with relevant teams in charge of operational implementation.

The incumbent will work hand in hand with the IT Development teams, IT Production teams and the business owners, as an enabler and a facilitator, in an Agile mindset.

More globally, the incumbent will work closely with Wealth Management CISO (Chief Information Security Officer), ICRO (IT Continuity & Resilience Officer) and ITRO (IT Risk Officer).

Responsibilities

Manage IT asset classification & remediation project

o   Coordinate with each IT asset owner to perform the asset classification

o   Coordinate with IT application security team to review the compliance with security requirements (e.g. data security, identity & access management, network security)

o   Coordinate with IT production team to review the compliance with IT continuity and resilience requirements

o   Ensure the compliance level of the applications with the Security architecture standards including Third-party and cloud security risks.

IT Governance Risk and Compliance (IT GRC)

o   Ensure the alignment with the Group and Wealth Management IT risk cybersecurity policies, for both IT project and IT assets in production

o   Ensure the compliance with regulatory bodies requirements, including for APAC (HKMA, MAS), EU (GDPR), Switzerland (FINMA)

o   Ensure the compliance with the IT security requirements by leveraging on a good knowledge of Security standards such as NIST, CIS, ISO2700x

o   Ensure data is complete and accurate into the IT GRC tool for Wealth Management IT Assets (classification, compliance & non-compliance, remediation plans, risk cards, etc.)

Reporting, Communication and cooperation with IT Risk / Security / Continuity actors

o   Ensure the regular reporting to the management on the progress of IT asset classification & remediation project

o   Report on IT GRC tool completeness and accuracy (i.e. coverage level and data quality issues)

o   Alignment on the objectives and means, contribution to the different global reporting (WM Cybersecurity Committee, WM Project Architecture and Security validation committees, Application Security Dashboard…).

o   Take part in the awareness and training activities, i.e. keeping documentation up to date, producing training material and animating training sessions

o   Cooperate with the global security teams concerning the integration of WM assets within production sites.

Keeping abreast of initiatives by the IT Security community within the Group and other IT Security stakeholders within the Group

Technical & Behavioral Competencies

Essential Banking Knowledge

Banking Knowledge and understanding of Wealth Management specificities

General Knowledge

International banking regulations

General Knowledge

Essential Technical Knowledge

Master the project management practices, including agile mind set as well as reporting, tooling (Sharepoint, Planner, Microsoft 365, PowerBI, Confluence, Jira)

Deep knowledge

Knowledge of IT Security standards and methodologies (e.g. NIST CSF, CIS, ISO2700x)

Good

Deep understanding of cybersecurity threats and remediation options

Good

IT Security Risk Assessment and Risk Management

Good

Essential Personal Skills

Communication skills – Ability to interact throughout oral and written communication skills

Deep Knowledge

Provide leadership to various stakeholders in proactive manner

Deep Knowledge

Ability to provide an accurate reporting to the Management

Deep Knowledge

Must be motivated, and able to work independently as well as part of a team

Deep Knowledge

Must demonstrate ethical responsibility, maturity, and discretion

Deep Knowledge

Specific Qualifications (if required)

Qualifications and Experience

-  5-8 years' experience in Project Management, information security and IT risk management.

-  Functional as well as technical knowledge of common IT architecture and Cybersecurity frameworks and solutions

-  Knowledge of Norms and Standards in the banking and cybersecurity industry

Other Value-added Competencies

-  Project Management skills

-  Advanced IT security / risk certifications: CISM / CCSK / CRISK / ISO2700x

Operational Risk and Permanent Control

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Creativity & Innovation / Problem solving

Decision Making

Ability to deliver / Results driven

Ability to collaborate / Teamwork

Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to understand, explain and support change

Ability to anticipate business / strategic evolution

Ability to develop and adapt a process

Ability to set up relevant performance indicators

Education Level:

Master Degree or equivalent

Experience Level

At least 10 years

Other/Specific Qualifications (if required)

-  Project Management skills

-  Advanced IT security / risk certifications: CISM / CCSK / CRISK / ISO2700x

Operational Risk and Permanent Control


NA

Découvrez les métiers de BNP Paribas : IT, Tech et Data

Au-delà d’être un groupe financier, BNP Paribas est aussi une entreprise technologique. Les systèmes d’information, la data et les outils sont au cœur de notre ADN et offrent de nombreuses opportunités professionnelles !

En savoir plus

Pourquoi je candidaterais ?

Pour quelles raisons je rejoindrais BNP Paribas et pas une autre entreprise ?

Parce que je souhaite...

  • Et si on vous disait que travailler dans notre Groupe, ce n’est pas ce que vous croyez ? Chez BNP Paribas, on exerce une multitude de métiers qui évoluent en permanence pour être en phase avec les attentes des clientes et clients comme de la société. Au travers d’actions du quotidien ou de grands projets, exercer l’un de nos métiers, c’est s’engager pour agir durablement.

  • Se sentir bien dans son job, c’est avant tout venir travailler comme on est.  C’est aussi avoir les moyens d’un bon équilibre entre sa vie professionnelle et sa vie personnelle. Deux engagements majeurs pour BNP Paribas.

  • Chez BNP Paribas, le développement de vos compétences est essentiel, pour vous comme pour nous. Et cela vous servira pour toute votre vie professionnelle.

En savoir plus