The APAC Data Protection Services team is responsible for the protection of all APAC Business Lines and Functions against the risk of data loss, data leakage and data breach. Within the team, the DLP Control Designer responds to requirements from Group Cyber Defense, regulators and business lines by implementing appropriate DLP controls using a range of tools approved by the Bank.
The DLP Control Designer uses functional and technical skills to create effective and efficient solutions aligned with design guidelines, test them and deliver them under the supervision of the DPS Business Analyst & CCCO and ITO CCCO AI Catalyst.
The DLP Control Designer is a key interface with business CISOs, local CISOs as well as business lines representatives to understand their needs and provide them with the best response.
Key Responsibilities
Assist stakeholders in understanding data privacy and data confidentiality requirements from business and regulatory standpoints
Endeavor to meet regulatory and TRM guidelines as they apply to data security throughout data life cycle
Collect reference data sources to be used in DLP controls. Whenever such reference data is not available, suggest automated algorithms to create inventories of ‘trusted’ data
Set up and conduct workshops with business and functions representatives to perform risk assessments and to document data protection scenarios
Agree with business process owners on use cases where DLP tools can be effective in the protection of their data assets
Aim to understand risky data communication from applications and IT platforms, and partner with ITP and IT Security Risk Management to make DLP an integral part of application security assessments
Partner with the DLP Continuous Improvement Lead to optimize existing DLP controls and to identify risky patterns and behaviors to be addressed by new controls
Prioritize collected and documented ideas and requirements on a roadmap, and use it to communicate the DLP maturity plan within the organization
Perform functional and technical testing and obtain sign‐off of DLP policies and processes in order to guarantee a robust solution is delivered
Manage change requests with available resources while limiting their impact on end users
Escalate risks and issues to stakeholders and management, and propose and execute mitigation plans
Contribute to the production of DLP KPI, KRI, and dashboards, including for Steering Committee meetings
Design and document processes and procedures for your BA stream and contribute to the training of end-users
Contribute to maintaining and enhancing the BNP Paribas Operational Permanent Control framework
Technical & Behavioral Competencies
Technical competencies
You have acquired practical experience of DLP and you have performed risk assessments and gathering of data protection requirements. You may also have experience in an audit or a compliance role
You have proven experience in documenting business requirements with accuracy and clarity
You have an excellent understanding of data protection challenges within a large organization
You are familiar with regulatory requirements on data privacy and data protection in major APAC countries (at least SG, HK)
You have a capacity to conceptualize and model data controls in non-technical terms
You have a risk management mindset, and you are thorough and detailed in the documentation and execution of test cases
You are comfortable with technical concepts of Email, Web and Endpoint infrastructure
You may also hold security certifications
Behavioral competencies
You are a high-energy individual with a strong drive to deliver practical solutions
You have perfect mastery of English, you have outstanding interpersonal skills and are comfortable engaging senior stakeholders virtually and face-to-face
You are confident and able to influence others. You can lead a group to consensus while handling situations of conflict
You are a good listener and are able to communicate technical topics using business terms
You are analytical, can translate analytical thinking into solutions and present them to stakeholders and management
You have excellent time management skills and can multi-task
You are creative and resourceful, and you are comfortable with ambiguity
You are a strong team player. You foster cooperation, communication and commitment among groups and teams
You are able to handle highly sensitive information in a very professional and confidential manner
Specific Qualifications Required
Around 7 years of experience in international Financial Services firms or management consulting
Professional qualifications in finance, business, engineering, computing or related disciplines coupled with excellent academic credentials
Familiarity with current regulations related to Data Protection in APAC
About BNP PARIBAS
As the leading European Union bank, and one of the world’s largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance.
We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued and encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity, religion applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo.
• BNP Paribas PRIDE is highly active in favour of the LGBTQIA+ community
• BNP Paribas MixCity which fosters better representation of women at all levels of the organization
• Ability, the mutual aid network for employees with a disability or a disabling or chronic illness
• BNP Paribas CulturAll which celebrates diverse backgrounds
BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions.
