We are looking for

Associate/Senior Associate - Third Party Security Risk Management

Apply REF: FUN000687

  

About BNP Paribas Group:

BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centred on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions.

About Businessline/Function :

The Third Party Risk Management Team is responsible for identifying and assessing risks relating to Information Security, Business Continuity and Physical Security arising out of the Third Parties providing services to BNP Paribas. This includes policy, governance, risk management, reporting and ownership of the lifecycle of Security Risk Assessment of the Third Parties.

  

Job Title:

Associate/Sr. Associate

 

Date:

27/05/2021

Department:

Procurement CoE

Location:

Mumbai

Business Line / Function:

Procurement

Reports to:

(Direct)

Manager, NAR Third Party Risk Management team.

Grade:

(if applicable)

(Functional)

Number of Direct Reports:

NA

Directorship / Registration:

NA

 

Position Purpose

This role will be responsible for supporting the Third Party Risk Management team in identifying and evaluating potential/recognized risks related to Information Security, Business Continuity and Physical Security. The 3rd Party Security Risk Assessor, reporting to the Manager, Third Party Risk Management team  that  performs security assessments of vendors, service providers and 3rd party companies that manage systems or information for BNP Paribas.

Responsibilities

Direct Responsibilities

·       Review services provided by vendor and define scope of assessment based on a questionnaire

·       Perform remote security assessments or work with 3rd party provider who will be performing the review

·       Define appropriate risk levels and corrective actions

·       Report on assessment outcomes, risk level and associated recommendations

·       Input corrective action plans into system

·       Follow up on corrective action plans and review evidence for closure

·       Provide metrics on a regular basis (KPI / KRI)

·       Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure.

·       Perform periodic follow up of outstanding Action Plans with external suppliers as well as internal Relationship Managers.

·       Update/ document relevant TPRM policies and procedures

·       Identifying and reporting/ escalating potential areas of risk/ non-responses to TPRMO.

Technical & Behavioral Competencies

·       Effective verbal and written communication skills

·       Proficiency in Microsoft Word, PowerPoint, Project

·       Very strong work ethic and ability to deal with confidential information

·       Experience with a multicultural environment

·       Strong problem-solving and analytical skills

·       Candidate must be able to evaluate the services provided by vendors

·       The ability to identify risks and develop appropriate responses

·       Organizational skills to timely review vendor performances and risks

  • Demonstrate excellent relationship management and conflict management capabilities in order to guide the client/vendor relationship through such experiences

Skills Referential

Behavioural Skills:

Critical thinking

Communication skills - oral & written

Attention to detail / rigor

Creativity & Innovation / Problem solving

Transversal Skills:

Analytical Ability

Ability to manage / facilitate a meeting, seminar, committee, training…

Ability to set up relevant performance indicators

Ability to develop and adapt a process

Ability to develop and leverage networks

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 3 years

Other/Specific Qualifications (if required)

·       Good to have industry recognized Information Security Certifications


Technical & Behavioral Competencies

·       Effective verbal and written communication skills

·       Proficiency in Microsoft Word, PowerPoint, Project

·       Very strong work ethic and ability to deal with confidential information

·       Experience with a multicultural environment

·       Strong problem-solving and analytical skills

·       Candidate must be able to evaluate the services provided by vendors

·       The ability to identify risks and develop appropriate responses

·       Organizational skills to timely review vendor performances and risks

  • Demonstrate excellent relationship management and conflict management capabilities in order to guide the client/vendor relationship through such experiences
Primary Location: IN-MH-MumbaiJob Type: Standard / PermanentJob: PROCUREMENT OR SECURITY OR FACILITIES MANAGEMENTEducation Level: Bachelor Degree or equivalent (>= 3 years)Experience Level: At least 3 yearsSchedule: Full-time Reference: FUN000687