Job Title: IT Process Quality Officer - IT Risk; Controls & Business Continuity Management
Department: CIB IT Production - ISPL
About Business line/Function: ISPL IT Production CTO Office - Risk, audit, and control coordination team is responsible for safeguarding IT Business operations by: (1) Performing Business Continuity test and maintaining a robust IT Business Continuity program. (2) Driving IT internal risk‑management framework and its associated controls and reporting for IT Production teams and compliance with regulatory and corporate standards is consistently met.
Position Purpose: The Business Continuity & IT Process Quality Officer safeguards the IT Business operations by (1) performing Business Continuity test and maintaining a robust IT Business Continuity program and (2) driving IT internal risk‑management framework and its associated controls and reporting for IT Production teams. The role ensures that critical IT services stay operational during disruptions, that risks are identified and mitigated in a timely manner, and that compliance with regulatory and corporate standards is consistently met. This role is responsible to evaluate overall information technology risk, maintain an active view, and report on the actual, All Risk & Control closure activities are coordinated through this role, including the actual submissions for closure.
Responsibilities
Direct Responsibilities
- IT Production Business Continuity coordinator acts on behalf of, and by delegation of Department head, who remain fully responsible for the department BC Plans.
- Responsible for designing, maintaining and organizing BCM documentations (BIA, BC Plan, Call Tree list etc.) and testing of BC Plans and solutions (BCP testing, Call tree testing, participation in various level BCP & DR testing)
- Provide business data for analysis, design and testing stages of BC Plan
- Alerting the BCM team of any business continuity incident with potential impact to business.
- Organizing an appropriate business response for your department upon confirmed crisis scenario by mobilizing the recovery teams and communicating relevant instructions, and providing regular status updates on business recovery to the BC Manager
- Act as the primary coordinator for BC plan activation during incidents; monitor recovery progress and communicate status to senior leadership.
- Maintain the BC knowledge repository, test logs, and executive reporting dashboards.
- Conduct Business Impact Analyses (BIAs) for all critical applications, infrastructure, and services; define and maintain RTO/RPO targets.
- As a process quality officer conduct & maintain ISO 9001:2015 and ISO 27001:2013 certifications for IT Infrastructure & Production department.
- Collaborate with internal IT Productions teams & IT Operational control teams to execute central & local controls, overlook corrective action plan for control gaps, and ensure closure meets BNP requirements or industry best practices.
- The Process Quality Officer is responsible for managing various Risk & control programs such as IT Obsolescence, Vulnerability, Compliance Harding and third-party risk management by producing the data from different teams and governing them on monthly and quarterly basis.
- Timely escalation to Senior Management on the open gaps, which are unresolved and pose IT Infrastructure risk to the organization compliance.
- Ensure compliance against statutory obligations and seek opportunities to enhance the efficiency of the IT Infrastructure policies and procedures. Play security advisory and counsel role as needed.
- Create awareness across the IT Production cluster on the developments within IT domain based on the policies, procedures and guidelines issued by Group / Regional / Territory Management.
- Represent IT Infrastructure & Production at various security & control governance forums. Review and submit IT Infrastructure reports and ensure actions are closed.>
Contributing Responsibilities
- Preparation of presentations for various governance & controls forums.
- Assist in managing IT infrastructure obsolescence risk and create monthly/quarterly presentations reporting on outdated components.
Technical & Behavioral Competencies
- Strong technical and analytical skills and willingness to learn and keep up with industry, regulatory and technical developments.
- A detailed understanding of IT Risk & Controls, Business Continuity Management (BCM), Governance and experience of at least one of the following: BCM, IT Continuity, Obsolescence Management, control testing, vulnerability and patch management.
- Ability to collaborate with BCM, IT Infrastructure & Production, ICRO, Production Security and IT Security and work within a team.
- Strong written and verbal communication skills. Risk Reporting & Metrics skills are required. Must be able to summarize and communicate technical data to a non-technical audience.
- If one certification would help – ISO 27001 – 9001, CRISC & other relevant certifications.
Specific Qualifications: NA
Skills Referential (Required knowledge, skills and abilities)
Technical Skills:
- Business Continuity Management (BCM)
- Technology Risk & Controls
- IT Risk Framework and Standards
- ISO 27001 Certified
Behavioral Skills:
- Communication Skills - Oral & Written
- Attention to Detail/rigor
- Personal Impact / Ability to influence
- Critical Thinking
Education Level: Bachelor’s / Masters (Computer Science or IT related preferred)
Location: Mumbai
About BNP Paribas Group:
BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialized businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability.
About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.
Commitment to Diversity and Inclusion
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.
