About the job
The global Operational Resilience program is a critical component in ensuring the Group’s ability to anticipate, prevent, detect, withstand, recover, and learn from operational disruptions that impact the delivery of vital services. This applies to cyber, technology, third parties, physical infrastructures, and people.
While Operational Resilience is the holistic approach to make vital services resilient, DORA (Digital Operational Resilience Act) focusses on the “Digital/ICT Risk” aspects of Operational Resilience.
As a Digital Operational Resilience Risk Officer, the individual will support the Global Lead of Business & IT Continuity and Third-Party technology Risk in the development and deployment of the wider Operational Resilience framework and governance from a Second Line of Defense (2LoD) perspective. The role will be focused on Operational Resilience Subject matter expertise on delivery of team objectives and has a wide variety of subjects such as DORA, IT Resilience, Business Continuity and Third-party technology risk management.
The role also involves interactions within other RISK function teams such as Crisis Management, Entities Operational Risk Officers, and First Line of Defence (1LoD) operations. The role will be focusing on working with a broad set of stakeholders at the Group and Entities levels, making sure we have the capability to withstand incidents and still maintain our vital services.
The Digital Operational Resilience Risk Officer reports directly to the Operational Resilience Team Leader in the Global ORM Iberian Centre of Excellence and functionally to the manager located in Paris.
Your Main Activities Are
The role is key within the RISK ORM Operational Resilience team as it will contribute to the design, delivery and testing of Operational resilience 2LoD approach and framework on following missions:
1. Support the Global Head of RISM ORM OpRes - Business & IT Continuity and Third-Party Technology Risk in oversight of Digital Operational Resilience, Business Continuity and Third-Party Technology Risk Management to the senior stakeholders across the Group.
2. Provide a 2LoD Subject Matter Expert (SME) opinion on many projects for other teams and Senior management of the Bank.
3. Play an active role in the day-to-day management of the communities comprising of cross functional stakeholders such as IT Group, incl. IT continuity & IT resilience teams, CISO teams, Third-party risk management teams, Operational resilience managers, vital service owners, etc.
4. Perform quality assurance and independent testing on Operational Resilience along with the development and maintenance of procedures, artifacts, and metrics to be used.
5. Actively advise Business and IT teams on the remediation actions for identified risks on Operational Resilience (incl. regulators recommendations and actions plans)
6. Conduct Operational Resilience (incl. business Continuity, IT resilience and third-party technology) risk assessments of the Group and Entities, as well as of critical third parties including advising management on how to mitigate any identified risk.
7. Support other 2LoD teams in identifying resilience gaps in processes, controls and in remediating these.
Profile and Skills to Success
• 8 years of experience or practical understanding in the fields of Cyber/ information security, ICT risk management, IT resilience, third party technology risk management
• Professional qualifications relevant to information security, business continuity or third-party technology risk management
• Previous experience in Financial Sector, matrix organisations and 1LoD/2LoD/3LoD roles
• Strong risk mindset with understanding of applicable technology risk and resilience regulatory requirements such as DORA.
• Able to interface, coordinate and work efficiently and effectively with senior business and technology stakeholders
• Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform managers as appropriate
• Good team player, relationship building, influencing, and facilitating skills.
Tools/technologies/methodologies
• Good understanding of Cyber, Information Security,
• Strong capability of synthesis and adaptation
• Strong MS Office and SharePoint skills (core applications)
Conduct
• Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks
• Consider the implications of your actions on colleagues, partners, and clients before making decisions, and escalate issues to your manager when unsure.
#LI-Hybrid
Why joining BNP Paribas?
· Leading banking institution
BNP Paribas is the European Union’s leading bank, and key player in international banking. It operates in 63 countries and has nearly 183.000 employees, including more than 146.000 in Europe.
· Our presence in Portugal
In Portugal since 1985, BNP Paribas today has more than 8.700 employees, distributed across the Group's 10 business entities established in the country. Its presence also extends to 11 excellence centres providing value-added services to various countries where the BNP Paribas Group also operates.
· International reach
Thanks to its international presence and regular and close collaboration among its different entities, BNP Paribas has the resources to support all clients with financing, investment, savings and protection solutions that help make their projects a success. BNP Paribas holds key positions in its three core operating divisions:
- Retail Banking, a division that brings together all of the Group’s retail activities and specialised business lines;
- Investment & Protection Services that include specialised businesses offering a wide range of savings, investment and protection services;
- Corporate & Institutional Banking division that offers tailored financial solutions for corporate and institutional clients.
· Diversity and Inclusion commitment
BNP Paribas is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity/paternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency, which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.
· Commitment towards work/life balance
At BNP Paribas we care about our employees wellbeing and promote a culture of good integration between work and rest. We believe our employees have rich personal lives outside of work, being fundamental to be disconnected from work to recharge both physically and mentally. Only through this balance we may all be at our best while working.
· Remote Working Conditions
At BNP Paribas, we embrace a Smart Working framework based on trust, autonomy and collaboration. Within this framework, eligible employees can benefit from flexible remote working modalities adapted to our hybrid working environment. To guarantee a comfortable and efficient working set-up, eligible employees are provided with both the office and home equipment, are entitled to an equipment allowance and can benefit from exclusive partnerships to purchase additional equipment at reduced prices.
To find out more on why you should join BNP Paribas visit https://bnpp.lk/why-BNP-Paribas-Portugal
* Please note that only applications submitted in English will be considered.
* In case you are selected for this role, further documentation will be requested to support your hiring process.
