The bank for a changing world

We are looking for

Data Protection PM/BA

Apply REF: ITO001092

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 17,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.

BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you’re valued as part of the team.

* excluding partnerships

Position Purpose

The Data Protection PM/BA coordinates the production and delivery of data protection services by the 4 streams (Requirement Analysis, Controls, Solutions and Remediation) within an Agile pipeline, with a focus on addressing regulatory and business risks.


DPS or Data Protection Services refers to the products (controls, platforms, tools, documentation, etc.) provided to end-users to assist them in complying with IT Security policies.




DPS team governance
- Understand the role and work of each of the 4 DPS streams, as well as the contribution from the offshore team and projects handled by vendors
- Maintain and share detailed RACIs and workflows describing the service production lifecycle, including interactions with key stakeholders outside DPS team
- Assist the Head of DPS in the preparation of budget and forecast by providing input on required skills and resources, supported by a capacity plan
- Contribute to the selection of added-value projects and initiatives to enhance DPS overall capabilities
- Suggest training for stream leads or other team members based on observations made during sprints

Global alignment
- Assist the Solutions stream in maintaining intragroup, internal and external SLAs with PMO
- Participate in global forums arranged by central stakeholders, as well as sessions with external providers such as Expand or Gartner
- Strive to maintain a strong alignment with the Group and CIB regarding Data Security initiatives
- Contribute to closing gaps between control levels for the different regions through collaboration and harmonization

- Collect project updates from the Solutions and Controls streams and consolidate weekly reporting in Clarity and for senior management
- Suggest standardized KRIs based on approved reporting requirements
- Support the Head of DPS in the preparation of material for Steering Committees (APAC Security SteerCo, TRM committees, etc.)
- Participate in the preparation of response to internal and external audits, operational permanent controls, etc.
- Help DPS team reach perfect compliance against the operational permanent control framework

- Manage the collection of ideas and requests from business units, management, auditors, etc.
- Prioritize corresponding use-cases within the backlog
- Assist the Controls stream in selecting the most appropriate control or process design
- Coordinate the production of data protection services within an Agile framework
- Challenge estimations from stream leads to reach the most realistic and efficient sprint planning
- As a Scrum Master, track day-to-day progress, visualize work-in-progress and assess the team’s velocity
- Once deliverables and ‘definition of done’ are agreed, push stream leads to maintain their accountability towards deliverable objectives and report deviations to the Head of DPS
- Directly assist stream leads in identifying, analysing and resolving issues and impediments
- Confirm the exhaustive coverage of test cases prepared by the Controls stream
- Verify that an adequate support model is in place and was successfully tested for each new DPS capability, control or service being rolled out, and work with Production Support team towards a unified set-up
- Use predefined indicators to measure the team’s capacity and the quality of work delivered at each stage of the service production chain
- Propose organizational changes within the DPS team to balance effort and optimize throughput
- Conduct retrospective sessions to continuously enhance the service delivery workflow

- Assist the Business Analysis stream in conducting regular business engagement forums where each business line is given a view of their own risks and regulatory posture, DPS initiatives impacting them, controls deployed for their users and issues encountered
- Participate in the presentation of regional KRIs to senior management, covering all businesses
- Expand the promotion of DPS solutions during business forums
- Contribute to the collection of business user feedback to assess satisfaction level

Technical & Behavioral Competencies

- Has a good understanding of risk management and data security
- Possesses technical background in Messaging, Web, and End-user Computing
- Has previously worked in large international organizations, especially in the finance industry
- Has proven Agile experience
- Is able to manage multiple projects under tight constraints
- Is experienced with process definition and documentation
- Exercises authority to lead team members to deliver as committed, and pushes them to keep ownership of their work
- Is ready to take accountability for short-term deliverables
- Is comfortable engaging very senior stakeholders
- Possesses strong negotiation skills and is able to obtain approval
- Is hands-on, problem-solver, and result-driven
- Is adept at direct, face-to-face communication, and able to take shortcuts
- Is highly dynamic and motivated
- Possesses excellent interpersonal skills
- Is able to prepare simple and high-impact communication material

Specific Qualifications (if required)

- Possesses at least one IT Security certification among CISSP, CISA, CISM and ISO/IEC 27001
- Beside fluency in English, proficiency in one Asian language is a plus

Primary Location: SG-06-SingaporeJob Type: Standard / PermanentJob: RISKSEducation Level: Bachelor Degree or equivalent (>= 3 years)Experience Level: At least 10 years Behavioural competency: Personal Impact / Ability to influence, Communication skills - oral & written, Ability to deliver / Results driven, Organizational skillsTransversal competency: Ability to manage a project, Ability to develop and adapt a process , Ability to set up relevant performance indicators, Ability to develop others & improve their skills, Ability to inspire others & generate people's commitment