The bank for a changing world

We are looking for




The Information and Communications Technology (ICT) Risk department is part of the Group RISK ORC Functions within BNP Paribas. It is a part of the 2nd Line Of Defence (2LOD) under the Bank’s Chief Cyber & Technology Risk Officer. Among others, the department has responsibility for identification of key technology risks to the Bank and influencing business and technology partners to take sound risk management decisions. 

This is achieved by delivering:

  • Application & Infrastructure Risk Assessments working with the Business and Technology teams to identify security issues in existing and new systems, and agree corresponding actions to mitigate or accept risks. Tracking issues and agreed actions to completion.
  • Horizontal Risk Assessments: Assessing technology risks in relation to a particular theme or technology across the organization. Examples could be assessments of the firewall change process, applications processing >$5m per day, applications hosted in the cloud, etc.
  • Vertical Risk Assessments: Assessing risks to a product, service, technology or infrastructure. For instance we may complete a vertical assessment on our remote working solution (including Infrastructure, applications, data, threats etc.) or our Internet connectivity.
  • Partnership to the Business and Technology teams in helping them understand their technology risk profile and influencing their risk management decisions.

The Global Operational Resilience & Crisis Management program within RISK ORC ICT is a critical component in ensuring the Group’s ability to prevent disruptions to its critical services from occurring, continue to meet its objectives if a disruption or incident does occur and return to normalcy, when disruption or crisis is eliminated. This applies to Cyber, Technology, Supply chains, physical infrastructure and People.

The above is achieved through main teams such as Cyber Detection (including Cyber Fraud), IT Resiliency, Business Continuity Oversight and Crisis Management.


The position of Cyber Fraud & Forensic specialist will be responsible for providing Cyber Forensic expertise within RISK ORC ICT and support in Cyber Fraud investigation matters.

  • Independently conduct Cyber Forensic activities related to data breach and security incidents, including but not limited to.
  • Recover and examine data from systems and electronic storage devices.
  • Dismantle and rebuild damaged systems to retrieve/investigate lost data.
  • Identify additional systems/networks/databases/applications compromised by cyber attacks.
  • Preserve data from a variety of platforms and sources; including laptops, desktops, servers, cloud services, mobile devices, and storage media in a manner that follows industry best practices and maintains forensic integrity.
  • Operating and maintaining a Digital Forensics Lab Environment, including all technologies, evidence, and processes.
  • Keeping abreast of emerging technologies, software and methodologies.
  • Providing research, design, and train personnel on internally designed technologies; evaluate emerging forensic technologies and provide operational security assessments.
  • Stay proficient in forensic, response and reverse engineering skills.

·        Provide independent risk opinion and challenge on Cyber Forensic Reports by First line of Defense teams.



•  Bachelor’s degree from an accredited college/university or equivalent work experience in Computer Science, Information Technology, or a similar discipline.

•  Demonstrate and maintain a proficiency forensic investigation techniques using a variety of commercial and open source digital forensic tools (e.g., EnCase, FTK, X-Ways, SIFT Workstation, NUIX).

•  Currently maintaining one or more professional certifications related to Digital Forensics or Incident Response (e.g., GCFE, GCFA, GREM, EnCe, CFCE).

•  Proficient in the latest forensic, response, and reverse engineering skills and astute in the latest exploit methodologies.

•  Experienced with conducting Incident Response and Forensic investigations within a global enterprise across multiple platforms and technologies.

•  Ability to independently investigate complex cases including cyber security incidents, intellectual property theft, fraud and abuse, asset misuse, and violations of corporate policy.

•  Familiarity with malware analysis and signature & hash analysis.

•  Demonstrate a strong understanding of hardware architecture, connection types, file system and internal system artifacts a variety of operating systems (e.g., Windows, UNIX, Linux, Mac OSX).

•  General working knowledge of networking protocols, security technologies, and application services.

•  Ability to interpret device and application logs from a variety of sources (e.g. Firewalls, Proxies, Web Servers, System Logs, Splunk, Packet Captures, etc.) to identify anomalies or evidence of compromise.

•  Industry-recognized information security certifications such as CISSP, CISA, GCCC, CISM, CRISC, CEH, OSCP or Security+.

•  Mastery of delivering formal deliverables such as PowerPoint presentation, reports or procedures.

•  Demonstrated ability to communicate effectively and to present in a structured approach.

•  Mastery of MS Office skills.

•  Good knowledge of ICT subjects.

•  Demonstrated ability to communicate effectively with stakeholders and technical staff.

•  Excellent written and verbal communication

•  High Level of English

•  High Level of French will be a plus


•        Possesses excellent report writing skills and the ability to present findings to management, legal and business leaders.

•        Good listening and analytical skills – being able to come to a thoughtful and business focused conclusion quickly.

•        Ability to co-operate and work well with others adopting an approachable style – Important as we work closely with a large and diverse set of suppliers and customers.

•        Ability to see the customer perspective, i.e. from a business point of view, the most secure solution is not always workable or realistic considering costs and benefits.

•        Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.

•        Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done.

•        Taking accountability for their actions and be open and honest when things have gone wrong, and celebrating successes when things have gone well.

•        - Being rigorous and thorough – especially when logging and tracking issues through to conclusion.

•        - Ability to manage their workload as to meet the realistic targets and priorities set in conjunction with management.

•        - Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest  in the role of Risk Assessment in business.

•        - Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate.

•        Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework.

•        Role model, promotion of a culture of good conduct and contribution to maintaining such a culture.

•        Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks.

•        Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.

•        Prepared to travel internationally.


•        Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements.

•        Excellent in the ability to understand how and why processes and solutions are designed to deliver specific outcomes.

•        Is self-aware, anticipates problems, adapts and meets them head on.

•        Strong stakeholder management, relationship building, influencing, facilitating and presenting skills.

•        Is solutions focused – measures their output on whether issues, problems or challenges are resolved as a criteria for success.


    Primary Location: ES-MD-MadridJob Type: EstándarJob: RISKSEducation Level: Master Experience Level: Al menos 5 añosSchedule: Tiempo completo Behavioural competency: Capacidad para colaborar/ trabajar en equipo, Capacidad para tomar decisiones, Creatividad e innovación/ Capacidad para resolver problemas, Orientación al cliente, Capacidad de organizaciónTransversal competency: Capacidad de análisis, Networking, Capacidad para diseñar y adaptar un proceso, Capacidad para gestionar un proyectoReference: RISKORCICT