Job Description

About BNP Paribas Group:

BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centred on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions

About Business line/Function :

Inspection Générale

Job Title

IT Auditor, IG Hub APAC


Inspection Générale Hub Asia Pacific



Business Line / Function

Inspection Générale

Reports to

Head of Audit IT, Asia Pacific


(if applicable)


Number of Direct Reports


Directorship / Registration



Position Purpose

·   To conduct Information Technology and Cybersecurity audit work in accordance with the IG methodology and ensure high standard of deliverables

·   To contribute to the Information Communication Technology risk assessment of audit universe establishing a reliable communication channel with the auditees.

·   To follow through with auditee on implementation of recommendations


Direct Responsibilities

1.     Participate in the audit team assignments and special reviews (when required by regulators, business lines, or senior management)

-       Contribute to the planning and preparation of the assignment e.g. understanding the methodology to be applied, acquiring a deep knowledge of the activities to be covered, understanding the detailed technologies, gathering relevant key figures, etc.

-       Develop a thorough understanding of the activities within the scope of the assignment, its strategy and governance, and the related risks.

-       Evaluate the overall setup and identify the main areas of risk (including a comprehensive assessment of the management actions).

-       Execute detailed investigations leveraging on a strong technical knowledge in various IT systems (Databases, Operating systems Linux/Windows, Cybersecurity/Network security, Virtualization, containerization, Cloud Computing and related risks)

-       Leverage on adequate programming languages and scripting to perform efficient investigations by automating analysis.

-       Ensure the adequate learning and understanding of the standard IT solutions used in the IT infrastructure and production, Cybersecurity management in order to analyze adequately their configuration and be able to identify and raise potential risks.

-       Recommend appropriate actions to the management in order to remediate the identified weaknesses.

-       Formalize the results of the assignment investigations and contribute to the production of the assignment deliverables.

-       Present the conclusions of the assignment fieldwork to the senior management.

2.    Review the implementation of the Inspection Générale recommendations

-       Review and challenge the actions defined to remediate the weaknesses identified by the audit team through its assignments.

-       Ensure the adequacy of the answers to address permanently the gaps following accurately the recommended actions.

-       Perform relevant control testing to ensure the proper implementation of the actions.

3.    Contribute to the periodic risk assessment of IT activities and planning

-       Perform a periodic and comprehensive risk assessment of the IT activities as per the Group guidelines.

-       Keep abreast of change/new development of regulatory requirements that are relevant to IT activities and related functions.

-       Assist in the elaboration of the IT audit planning following a risk-based approach.

Contributing Responsibilities

-       Contribute to the improvement of the Inspection Générale practices through the elaboration and update of our methodologies.

Travelling requirement

: below 30%

Technical and Behavioral Competencies required

-       Strong expertise in Cybersecurity (IT security hands-on experience is a plus)

-       Strong technical background in IT activities (including IT production / IT systems expertise)

-       Curiosity, rigor, and precision.

-       Outstanding analytical skills

-       Ability to synthesize

-       Excellent writing and presentation skills (in English)

-       High level of initiative, commitment, and drive

-       Ability to work effectively under pressure and within short deadlines

-       Promotes a constructive, cooperative, and participative teamwork environment

Specific Qualifications (if required)

·         Possess a Bachelor’s / Master’s Degree in Information Technology/ Management Information System / Computer Science and related discipline;

·         Not less than 5 years of experience in external auditing / internal auditing / IT / risk / compliance / internal control / operations in the financial services industry.

·         Professional Qualification/Certificate in Audit, e.g. CISA, CISSP, CISM, CCSP is a plus.

Skills Referential   

Behavioural Skills: (Please select up to 4 skills)

Creativity & Innovation / Problem solving

Ability to collaborate / Teamwork

Ability to synthetize / simplify


Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to understand, explain and support change

Ability to anticipate business / strategic evolution

Ability to inspire others & generate people's commitment

Ability to develop and leverage networks

Education Level:

Master Degree or equivalent

Experience Level

At least 5 years

Other/Specific Qualifications (any of these skills is highly appreciated)

Information Technology – Systems

Operating Systems : Linux/UNIX, Windows

Databases Management Systems: Oracle, SQL Server, NoSQL, MariaDB, MongoDB

Data Analytics: Elasticstack, Kafka, Tableau, Power BI, R, Python (Panda, Matplotlib, SciKit)

Cloud Technology: AWS, Azure - Containers Kubernetes, Docker

Programming / scripting: Linux / windows Shell, batch commands / Javascript, Web development framework

Python (intermediate/advanced level)


Identity Access Management: Sailpoint, CyberArk, Oracle Identity Management , Single Sign-On : WEB SSO

Network Security: Strong network knowledge, (routing, Firewalls), Proxies (WEB, Reverse Proxy),

System security

Security configuration, Patching, vulnerability scanning (Nexpose, Nessus)

Application security: OWASP, WAF, Scanning (Qualys, Rapid7, Tripwire, Fortify)

Penetration Testing / ForensicsTools: Kali Linux (Burpsuite, nmap, zap, dirbuster, metasploit, …)

Primary Location
Job Type
Standard / Permanent
Education Level
Bachelor Degree or equivalent (>= 3 years)
Experience Level
At least 5 years

Discover the different professions within BNP Paribas: Audit, Compliance, Risk and Legal

If it is your ambition to work in a profession that entrusts you with a high degree of responsibility and gives you the chance to contribute to strategic decision-making at BNP Paribas, the following roles might be ideal for you to consider.

Find out more

Why should I apply?

Basically, why would you want to join BNP Paribas over any other company?


  • What if we told you that working in our Group may not be quite what you think? BNP Paribas business lines and careers are constantly evolving to meet the expectations of our clients and society as a whole.

  • Feeling good about your job means bringing your whole self to work and being who you are. It’s also about having the resources you need to achieve a healthy work-life balance. Both of these are major commitments at BNP Paribas.

  • At BNP Paribas, developing your skills is as important to us as it is to you. And the skills you learn with us will help you through the rest of your working life.

Find out more