About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.
About BNP Paribas Group:
BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability
Commitment to Diversity and Inclusion
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.
About Business line/Function:
Job Title:
Date:
Department:
Location:
Business Line / Function:
Reports to:
(Direct)
Grade:
(if applicable)
(Functional)
Number of Direct Reports:
Directorship / Registration:
NA
Position Purpose
Position Purpose
RISK Operational Risk Management (RISK ORM), created early 2021 to oversee operational
risks within the mandate of the RISK function, is organised, under the responsibility of the
Group Chief Operational Risk Officer (Group CORO), around 3 Poles: RISK ORM
Framework, RISK ORM Technology & Transversal Risks and RISK ORM Network.
Under the authority of the Pole’s Manager, RISK ORM Network is made up of all the
Operational Risk Officers (OROs) acting as the second line of defence (LoD2) within the
Group’s operational entities (Poles, Business Lines, Functions, Transversal Activities).
The below requirement is for Operational Risk Officer- ICT Controls Testing role which part
of the Common ICT LoD2 Controls Execution Platform (CICEP) under Group RISK ORM
Network team. The candidate will be part of The Bank’s 2nd line of defense function, and
they will be responsible for testing the deployment, and effectiveness of the IT and Cyber
controls globally.
The position is based in India Solutions Pvt. Ltd. (ISPL), Mumbai and reports to the Head of
CICEP (India CoE), plus functionally to Group Head of ICT Controls Testing.
Key success of the CICEP relies on building trusted partnerships with stakeholders and
particularly with the ORM Network community and globally, with all entities of the Group.
Responsibilities
Direct Responsibilities
· Perform the independent testing of ICT controls (ITGC controls testing) to determine the
design effectiveness, and operating effectiveness of IT and Cyber controls.
· Contribute to the industrialization and automation of RISK ORM ICT control testing
services by development of methodologies / tools for the achievement of assignments.
· Draft high-quality reports containing the assessor’s opinion on the ICT control gaps, and
recommendations for improvement, post completion of an assignment.
· Review and assist with the evaluation of control deficiencies and provide practical
recommendations for remediation.
· Identify areas of improvement for ICT control testing and assist with the enhancement of
the methodologies / tools for carrying out the ICT controls testing assignments.
· Ensure completion of the testing and adherence to the internal timelines.
· Provide IT and cyber risk management consultancy (specific to ICT controls) to business
and IT stakeholders.
· Work in collaboration with other stakeholders from business and RISK ORM teams to
contribute towards influencing the ICT risk culture of The Bank.
Improve the effectiveness of the Internal Controls programme by reviewing the control
environment, risk assessment process, control activities, information and communication
and monitoring activities
Contributing Responsibilities
· Collaboration at the India CoE level with Head of India CoE, including but not limited to
the CoE level reporting requirements
· Effectively contribute to the CoE, RISK India Hub and ISPL on Group mandates, Objectives
and priorities
· Help and contribute to build the CoE as a positive place to work
Technical & Behavioral Competencies
SKILLS, EXPERIENCE AND COMPETENCIES
Skills Required
* 3-6 years of experience in IT audit / ITGC controls testing / technical assessments,
preferably in the areas of Cyber and Technology domains in a financial institution.
* Must be able to interface and coordinate work efficiently, and effectively with business
partners.
* Excellent analytical skills - being able to come to a thoughtful and business focused
conclusion quickly.
* Good communication, listening and influencing skills, including ability to articulate
complex issues and incorporate feedback.
* Ability to manage their workload independently to meet their targets, and priorities set in
conjunction with management.
* Demonstrating a calm professional approach, with a good understanding of delivery
within time constraints and the need to escalate/inform departmental management as
appropriate.
* Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible
in relation to getting the job done.
* Being rigorous and thorough - especially when logging and tracking issues through to
conclusion.
* Demonstrating a high-level of commitment and self-motivation, combined with
enthusiasm and a genuine interest in the role of Risk Assessment in business.
* Ability to express views clearly and fluently, both orally and in writing. Considers the
audience, avoiding technical jargon wherever necessary and appropriate.
* Works iteratively, delivering quickly and frequently to produce high quality documents
and outputs which require little to no rework.
* Team player - focus on the success of the whole team. Working well both with others, as
well as individually.
* Ability to work under strict timelines and at pressure situations to manage the delivery.
* Open to work under global time zones as required for workshops or stakeholder
discussions.
Skills Preferred
* Has the proven ability to think outside of the box, challenge industry norms and adapt
quickly to evolving requirements.
* Is self-aware, anticipates problems, adapts and meets them head on.
* Strong stakeholder management, relationship building, influencing, facilitating and
presenting skills.
* Is solutions focused - measures their output on whether issues, problems or challenges
are resolved as a criteria for success.
Competencies:
* University degree (technical), and/or certification such as ISO27001, CISA.
* Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change
management, outsourcing, vulnerability management, cloud security etc.).
Conduct:
* Consider the implications of your actions on colleagues, partners and clients before
making decisions, and escalate issues to your manager when unsure.exists and how it will contribute in achieving the team’s goal.
Responsibilities
Direct Responsibilities
Contributing Responsibilities
Technical & Behavioral Competencies
Specific Qualifications (if required)
Skills Referential
Behavioural Skills: (Please select up to 4 skills)
Choose an item.
Choose an item.
Choose an item.
Choose an item.
Transversal Skills: (Please select up to 5 skills)
Choose an item.
Choose an item.
Choose an item.
Choose an item.
Choose an item.
Education Level:
Choose an item.
Experience Level
Choose an item.
Other/Specific Qualifications (if required)
