Responsabilities:

    • Assist the IT RISK Officer in the IT RISK mapping, assessment and anticipation, updating the risk map cartography and ensuring its validity
    • Defining and promoting governance of the entity’s Cyber Security (processes, committees, recurring meetings, reports, etc)
    • Leading Cyber Security projects at entity level and providing expertise to the entity’s team and on the entity’s projects
    • Assisting with and managing Cyber Crises
    • Work closely with the IT Governance Officer to ensure the controls, procedures and policies are up-to-date and available
    • Ensuring the entity’s production environments are being managed accordingly to the groups’ security standards, by following up, checking and challenging the indicators, dashboards and reports shared by ITg
    • Support the Delivery Managers and Developers community of CET on security related topics
    • Serve as 1LoD for IT RISK & Cyber Security perimeters
    • Reporting on the entity’s Cyber Security overall status (controls, procedures and strategy)
    • Serve as Focal Point for the IT RISK and Operational Security teams in France for Cyber Security subjects
    • Ensure the execution of the regular control and awareness campaigns and report them to the respective groups at CET and Central Level
    • Setting up a Cyber Security network and communicating the vision to the entity and to the group
    • Lead Awareness campaigns and trainings for the CET employees
    • Lead the IT RISK & Security Committees
    • Perform security risk assessments due diligence for third parties, supporting Procurement and Outsourcing team on the IT RISK analysis and business continuity questionnaires
    • Work closely with the RISK ORC to ensure the IT risks are correctly reported and monitored
    • Represent CET in the International CISO Committees
  •  

Requirements:

  • +4 years of experience in IT security and IT Security Audit (at least 2 years in financial-banking institutions);
  • Previous experience with NIST Cybersecurity Framework
  • Legislative knowledge specific to the field of information security;
  • Experience with governance and management of controls, procedures creation, review and adaptation on the scope of IT Risk management, cyber security and continuity
  • Technical knowledge to analyze and review proposed technical solutions, proofs and evidences
  • Critical and analytical thinking
  • Resilience and flexibility to work in a dynamic and changing environment
Primary Location
RO-B-Bucharest
Job Type
Standard / Permanent
Job
INFORMATION TECHNOLOGY
Education Level
Bachelor Degree or equivalent (>= 3 years)
Experience Level
At least 3 years
Schedule
Full-time
Reference
ISO16062022


Discover the different professions within BNP Paribas: IT, Tech and Data

BNP Paribas is not just a financial services group. We’re also a tech company. Information systems, data and tools are central to our DNA, and offer a very broad range of career opportunities!

Find out more

Why should I apply?

Basically, why would you want to join BNP Paribas over any other company?

BECAUSE YOU'RE THE KIND OF PERSON WHO WANTS...

  • What if we told you that working in our Group may not be quite what you think? BNP Paribas business lines and careers are constantly evolving to meet the expectations of our clients and society as a whole.

  • Feeling good about your job means bringing your whole self to work and being who you are. It’s also about having the resources you need to achieve a healthy work-life balance. Both of these are major commitments at BNP Paribas.

  • At BNP Paribas, developing your skills is as important to us as it is to you. And the skills you learn with us will help you through the rest of your working life.

Find out more