IT & Cyber Risk Management Expert – m/f/x
Willing to push the boundaries with us for a more sustainable world?
The BNP Paribas Fortis Governance, Risk and Compliance (GRC) team supports IT and Business Units to develop adequate solutions on operational risk management practices, focusing but not restricted to IT and Information Security.
Our main missions are:
- Identify operational IT and Cyber risks on assets/applications, projects, Agile Constructs (Tribes, Squads) and 3rd-parties.
- Advice, consult, monitor and report on risk treatment in order to reduce the overall risk exposure of IT and Business at an optimized cost.
- Elaborate and manage the implementation of a flexible strategy to reduce IT and Cyber risks in accordance to the IT and Cyber policies of BNP Paribas Group.
Your future job
- You perform IT and Cyber security risk quality assurance from the creation to the closure of the risk.
- You deliver advice and support on risk management to internal customers (IT and Business) : this means:
- Accompany and challenge IT and Cyber risk assessments performed by the Agile constructs or Business Lines/Support Functions.
- Propose or validate measures to mitigate risks derived from assessments, security scans and penetration tests, defects from IT and Cyber controls plans, recommendations from 2nd and 3rd lines of defence, etc.
- Create detailed or synthetic risk reports, in line with BNP Paribas Group and IT and Cyber Risk Management best practices.
- Increase risk control maturity by providing a valuable follow up and reporting.
- You report risks and overall risk posture to Information Security, IT or Business Management:
- Identify and propose transversal risk mitigating actions.
- Create risk dashboards and reports for a management audience, in line with the risk appetite for the company.
- Create one-pagers and risk reports for a management audience.
- You build a customer relationship as the Single Point Of Contact for the risk management services you deliver.
- You contribute to improve the risk management methods and tools taking into account your field experience as well as best practices coming from the BNP Paribas Group or other sources like regulators, Basel II, CobIT, ISO27000/31000 ...
- You contribute to writing procedures and processes supporting the risk management activities outlined above, for both an expert and non-expert audience.
- You are the single point of contact for security matters related to the Information asset and the CIAT rating of our assets, whilst providing business support, maintaining and updating procedures and tooling, and integrating the security asset management in the overall asset management processes of the bank.
Highlight your strengths
- Education : Bachelor/Master or equivalent by experience
- Certifications (optional): Security certifications like CISSP, CISM, CIPP, CCSK are preferred.
- Languages : Fluent in French, Dutch and English
- Experience on linking different ISMS and IT Risk processes is a must.
- Knowledge of control frameworks and audit methodologies.
- Significant experience in working with cloud services (SaaS, HSP, AWS)
- Knowledge of software development security best practices
- Experience in release management, change management, incident management, testing
- Strong IT background
- We are looking for a High performer, who can work autonomously and feels committed, and result oriented. You like to work in a dynamic and multi-cultural environment.
- You are a team player with a pro-active attitude. You are accurate and control minded, yet flexible. You are precise and methodological.
- You have excellent English writing skills, good communication and influencing skills.
- You think analytically and are able to produce structured and concise documents
Tempted by the challenge?
Interested in this function? Do not hesitate to apply online. You can expect feedback on your application 15 days after your application.
Should you wish more information about this vacancy, you can contact Maria Pilar Barrena Redondo or Ann Regnart.
Your future workplace
Thanks to the daily commitment of our more than 12,000 employees, BNP Paribas Fortis aims to be a responsible and sustainable leader and the preferred partner of our clients over the long term. For IT it means developing ingenious banking technologies to continuously offer them tailored solutions—at every key moment in their lives.
Our IT teams work at the centre of Brussels, just a few 100m from the central station, the building has a company restaurant and the bank has a flexible homeworking policy.
In a changing world, diversity and inclusion are core values for team well-being and performance. At BNP Paribas Fortis, we want to welcome and retain all talents, regardless of gender, age, origin or sexual orientation, and irrespective of whether or not they are living with a disability, as each of them have their own experience and identity. Together, let's build the bank of tomorrow: innovative, responsible and sustainable. All of our full-time vacancies are also open to candidates wishing to work 80% or 90%.
By choosing us, you get
- Excellent opportunities to develop, personally and professionally, and spread your wings.
- A permanent contract and an attractive pay package.
- A position in a responsible, socially engaged organisation where diversity and inclusion are the standard.
- The possibility of working part time (80 or 90 per cent).
Choose BNP Paribas Fortis now and apply here.
We will make our first selections on the basis of your CV and letter of motivation. Are you the candidate we’re looking for? Then you’re sure to hear from us. Good luck!