The bank for a changing world

We are looking for


Apply REF: CET19064

We are looking for an IT Risks & Cyber Shared Services Centre Manager, responsible for providing a coordinated corporate support function to BNP Paribas Personal Finance entities, both local and international, for IT Cybersecurity and Operational Risk management processes. He/she will also provide advice and user support across the Organization on the use of IT Risk and Cyber tools and systems.

The Shared Services Centre manager consolidates administrative functions to deliver in a cost-effective manner, promoting operational efficiencies and services improvements.

A technical focus:

  • Delivery of IT Risk & Cyber services in contribution to identification, evaluation, treatment, monitoring, reporting and closing of IT operational risks.
  • A non-exhaustive sample of key IT Risk & Cyber operational processes and activities to contribute to are: Vulnerability management, Penetration tests, Identity & Access Management, 3rd-party due diligence, Monitoring of risk treatment (action plans), Reporting the risk exposure (by asset, by entity, by territory…),….

The main responsibilities of the position will be:

  • Oversees service delivery and the day-to-day operations of the SSC, ensuring that all standards are met and procedures are followed. Establishes priorities and schedules of main activities
  • Reviews and monitors SSC-related services to identify trends and problem areas, reporting on risks, key performance indicators and proposed corrective action or new approaches

  • Develops and implements new working methods and procedures of the SSC; recommends procedural changes to improve SSC efficiency and ensures appropriate implementation of decisions made by senior management

  • Prepares and monitors the SSC budget

  • Oversees and ensures the smooth functioning of information systems required to deliver the services and the definition and implementation of changes required to maintain the systems operational and fit for purpose. Supports system deployment activities to ensure smooth adoption by clients of the Centre

  • Defines and ensures the implementation of Service Level Agreements; sets standards for quality and ensures that operational activities are implemented in accordance with recognized procedures and guidelines and meet the established standards

  • Establishes quality control mechanisms such as client surveys, periodic data quality assurance reviews, error escalation procedures

  • Plans and develops SSC communication strategy and capacity development; develops procedures and guidelines for use by the SSC customers in order to ensure clarity, accuracy, consistency and accountability and to sustain and increase public awareness of SSC core activities

  • Establishes and maintains close working relationships with functional Divisions/Offices at HQ, liaising on issues in the implementation of established policies and escalating to policy owners any issue requiring policy related decisions

  • As part of the IT Risk Office management team, contributes to and oversees the delivery of multi-disciplinary programs, policies, products, and services and prepares a variety of plans, strategies, reports and proposals

  • Performs other duties as required


  • Advanced University degree in Computer Science, Information Security, Business Administration and/or Management

  • 5 years of relevant experience in coordinating, leading and/or managing operations and administrative activities

  • Previous experience in providing structured services to clients

  • Fluent English. Good working knowledge of French and any other European language are considered a ‘+’

  • Good understanding of Operational Risk Management principles, European GDP Requirements

  • One of CISM, CISA, CRISC, CISSP or equivalent certifications is a must

Primary Location: ES-MD-MadridJob Type: Standard / PermanentJob: INFORMATION TECHNOLOGYEducation Level: Bachelor Degree or equivalent (>= 3 years)Experience Level: At least 5 yearsSchedule: Full-time Behavioural competency: Ability to collaborate / Teamwork, Proactivity, Personal Impact / Ability to influence, Attention to detail / rigor, Organizational skills, Adaptability, Ability to deliver / Results driven, Active listening, Communication skills - oral & written, Client focused, Ability to share / pass on knowledge, Critical thinking, Ability to synthetize / simplify, Creativity & Innovation / Problem solving, Resilience, Decision MakingTransversal competency: Ability to understand, explain and support change, Analytical Ability, Ability to manage a project, Ability to develop and adapt a process , Ability to anticipate business / strategic evolution, Ability to conduct a negotiation, Ability to develop others & improve their skills, Ability to develop and leverage networks, Ability to set up relevant performance indicators, Ability to manage / facilitate a meeting, seminar, committee, training…, Ability to inspire others & generate people's commitment