The bank for a changing world

We are looking for

IT Auditor, IG Hub APAC

Job type Permanent
Job Function Periodic inspections
Brand Inspection Générale
Level of experience 6 to 10 years
Apply REF: INS000162

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 17,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.

BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you’re valued as part of the team.

* excluding partnerships

Position Purpose
• To conduct audit work in accordance with the IG methodology and ensure high standard of deliverables
• To contribute to risk assessment of audit units based on knowledge obtained through assignments as well as day-to-day contact with auditees
To follow through with auditee on implementation of recommendations


Direct Responsibilities

1. Participate in the audit team assignments and special reviews (when required by regulators, business lines, or senior management)
- Contribute to the planning and preparation of the assignment e.g. understanding the methodology to be applied, acquiring a high-level knowledge of the activities to be covered, gathering relevant key figures, etc.
- Develop a thorough understanding of the activities within the scope of the assignment, its strategy and governance, and the related risks.
- Evaluate the overall setup and identify the main areas of risk (including a comprehensive assessment of the management actions).
- Recommend appropriate actions to the management in order to remediate the identified weaknesses.
- Formalize the results of the assignment investigations and contribute to the production of the assignment deliverables.
- Present the conclusions of the assignment fieldwork to the senior management.

2. Review the implementation of the Inspection Générale recommendations
- Review and challenge the actions defined to remediate the weaknesses identified by the audit team through its assignments.

3. Contribute to the periodic risk assessment of IT activities and planning
- Perform a periodic and comprehensive risk assessment of the IT activities as per the Group guidelines.
- Keep abreast of change/new development of regulatory requirements that are relevant to IT activities and related functions.
- Assist in the elaboration of the IT audit planning following a risk-based approach.

Contributing Responsibilities

- Contribute to the improvement of the Inspection Générale practices through the elaboration and update of our methodologies.

Technical and Behavioral Competencies required

- Technical background in Cybersecurity, IT system administration and IT risk management
- Outstanding analytical skills
- Curiosity, rigor, and precision.
- Ability to synthesize
- Excellent writing and presentation skills (in English)
- Experience with Data Analytics for audit
- High level of initiative, commitment, and drive
- Ability to work effectively under pressure and within short deadlines
Promotes a constructive, cooperative, and participative teamwork environment

Specific Qualifications (if required)

• Possess a Bachelor’s / Master’s Degree in Information Technology/ Management Information System / Computer Science and related discipline;
• At least 2 to 3 years of experience in external auditing / internal auditing / IT / risk / compliance / internal control / operations in the financial services industry.
• Professional Qualification/Certificate in Audit, e.g. CISA, CRISC, CISSP, CISM, CCSP is a plus.

Primary Location: HK-Hong Kong (HK)-Hong KongJob Type: Standard / PermanentJob: PERIODIC CONTROLEducation Level: Master Degree or equivalent (> 4 years)Experience Level: At least 7 years Behavioural competency: Ability to collaborate / Teamwork, Creativity & Innovation / Problem solving, Organizational skills, Attention to detail / rigorTransversal competency: Analytical Ability, Ability to develop and adapt a process , Ability to conduct a negotiation, Ability to develop others & improve their skills, Ability to anticipate business / strategic evolution