About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.
About BNP Paribas Group:
BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability
Commitment to Diversity and Inclusion
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.
About Business line/Function:
The Group RISK ORM Network Operational Risk Officer is part of the Group RISK Function within BNP Paribas. The department has responsibility for steering and reporting on the Group’s Operational Risk Management framework and status. It is the independent second line of defense on operational risk management activities of the Group, including on Information and Communication Technology risk management activities.
Job Title:
VP1- ORO ITG India – Team Lead
Date:
6-Jan -2025
Department:
Group RISK ORM
Location:
ISPL, Mumbai
Business Line / Function:
Group RISK ORM Network
Reports to:
(Direct)
Head of RISK ORM Network, India CoE
Grade:
(if applicable)
VP1
(Functional)
Group Head RISK ORM ORO ITG and ICT Functions & Transversal Activities
Number of Direct Reports:
1
Directorship / Registration:
N/A
Position Purpose
The below requirement is for Operational Risk Officer (ORO) role which is part of the Group RISK ORM Network team. The candidate will be part of The Bank’s 2nd line of defense function and will be responsible for the oversight of ISPL ITG platform operational risks, and, for conducting specific ORO activities on ITG Central perimeter in collaboration with the ITG Central OROs (e.g., provide 2LoD opinion on IT projects, 2LoD ICT activity/process reviews). The candidate will operate as team leader.
The position is based in India Solutions Pvt. Ltd. (ISPL), Mumbai and reports functionally to the Head of RISK ORM ORO ITG and ICT Functions & Transversal Activities.
Responsibilities
Direct Responsibilities
Operational Risk Officer role on ISPL ITG Platform (ICT and non-ICT risks):
· Provide guidance and 2LoD support to the ISPL 1LoD stakeholders to deploy the Group Operational Risk Management Framework on the ISPL ITG platform.
· Challenge of the operational risk cartography of ISPL ITG Platform covering the activities delegated to ITG ISPL by ITG and by Business Lines.
· Challenge the Local Control Plans.
· Conduct 2LoD controls to review the effectiveness of 1LoD controls as per the annual control plan.
· Challenge the Historical Incidents collection process ensuring that Historical Incidents are appropriately captured in the Group Operational Risk Tool and that action plans are defined where needed.
· Review and challenge 1LoD action plans.
· Participate to local Risk Committees and provide risk opinions.
· Contribute to the global ITG Risk Opinions in the ITG Group Risk Committees.
· Participate to the operational risk awareness of 1LoD stakeholders, from OPCs team to Senior Management.
Team leader:
· Organize and supervise the work assigned to the team (2 FTEs, including the team leader)
· Regularly report on the activity to the Head of Group ORO ITG
· Collaboration at the India CoE level with Head of India CoE, including but not limited to the CoE level reporting requirements
Contributing Responsibilities
Operational Risk Activities on ITG Central perimeter:
· Based on the ITG annual 2LoD control plan, conduct 2LoD controls to review IT processes and controls with the objective to identify potential control gaps, working in collaboration with the ORO on the perimeter; Prepare high quality reports and participate to the presentation of the reports to ITG Senior Management along with the ORO in charge of the perimeter.
· Participate to ITG project IT Solution Validation Committees and provide risk opinions in collaboration with the ORO in charge of the perimeter.
Technical & Behavioral Competencies
SKILLS, EXPERIENCE AND COMPETENCIES
Skills Required
- More than 7 years of experience in Operational Risk Oversight in 2nd line of defence function in a financial institution.
- 3-5 years of experience in IT audit / controls testing / technical assessments, preferably in the areas of Cyber and Technology domains.
- Must be able to interface and coordinate work efficiently, and effectively with business partners.
- Excellent analytical skills – being able to come to a thoughtful and business focused conclusion quickly.
- Good communication, listening and influencing skills, including ability to articulate complex issues and incorporate feedback and capacity to interact with Senior Management.
- Ability to manage their workload independently to meet their targets, and priorities set in conjunction with management.
- Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.
- Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done.
- Being rigorous and thorough – especially when logging and tracking issues through to conclusion.
- Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business.
- Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate.
- Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework.
- Team player – focus on the success of the whole team. Working well both with others, as well as individually.
- Ability to work under strict timelines and at pressure situations to manage the delivery.
- Open to work under global time zones as required for workshops or stakeholder discussions.
- Fluent English speaking; French speaking would be added advantage but not mandatory
Skills Preferred
- Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements.
- Is self-aware, anticipates problems, adapts and meets them head on.
- Strong stakeholder management, relationship building, influencing, facilitating and presenting skills.
- Is solutions focused – measures their output on whether issues, problems or challenges are resolved as a criteria for success.
Competencies:
Conduct:
- Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.
Specific Qualifications (if required)
University degree (technical), and/or certification such as ISO27001, CISA, CISSP
Skills Referential
Behavioural Skills: (Please select up to 4 skills)
Attention to detail / rigor
Decision Making
Communication skills - oral & written
Ability to collaborate / Teamwork
Transversal Skills: (Please select up to 5 skills)
Ability to anticipate business / strategic evolution
Ability to inspire others & generate people's commitment
Ability to develop others & improve their skills
Analytical Ability
Ability to develop and leverage networks
Education Level:
Bachelor Degree or equivalent
Experience Level
At least 12 years
Other/Specific Qualifications (if required)
- Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change management, outsourcing, vulnerability management, cloud security etc.).
