Security Detection Governance Specialist / Project Manager

BNP Paribas, the leading bank in the European Union and a leading international player, is seeking to reinforce its existing teams in the areas of IT risk management, cybersecurity, and the fight against digital fraud.

Within “IT Group” of BNP Paribas, the “Cybersecurity & Digital Fraud” Department's mission is to structure, strengthen, and harmonize IT risk management and cybersecurity for the Group (approximately 30 entities) by:

• Defining the vision and strategy for IT risk management and cybersecurity,
• Ensuring the implementation of this strategy within the Group’s operating entities,
• Monitoring the security of the Group's information systems,
• Steering the IT Continuity and Resilience strategy and methodological framework.

The evolving Cyberthreats landscape increases the security risk for the financial sector. Therefore, BNP Paribas must strengthen its Cybersecurity maturity, IT risk management and Operation Resilience.

Within the “Cybersecurity & Digital Fraud” department, you will be part of the “Fusion Center” team in Poland.

Security Detection Governance Specialist / Project Manager

We are seeking for a highly skilled and motivated person to join the team as a CyberSOC security expert. You will play a key role in the CyberSOC Detection service evolution and improvement:

• You will analyze and challenge new requests regarding our detection capabilities, to ensure they lead to the improvement of our cyber detection posture.
• You will support and challenges the teams in definition, categorization and specification of their needs to achieve the most realistic and secure detection coverage for the group, based on audit documentation, and Threat landscape knowledge.
• You will support SOC teams in the implementation of the new detection capabilities
• You will also contribute to the reporting of our activities by participating to the dashboards production, detection committees, and the steering committees. 
• You will perform study aiming at enhancing our rules detection catalog

In this context, you will work closely with all CyberSOC stakeholders teams, including CSIRT, Data cyber scientist, Product owner, Production Security and CISO.

If you are passionate about Cyber governance activities with the will to improve the group security and have strong interpersonal skills, we encourage you to apply for this exciting opportunity to join our dynamic team.

Responsibilities:

• Work closely with product owners and stakeholders to understand the detection requirements and ensure alignment with the usage policy of the SOC.
• Cultivate strong relationships with Threat Intelligence Team to have the latest information from IT risk landscape
• Enhance technical categorization on product owner’s request to comply with security referentials
• Manage request timelines, priorities, and deliverables to ensure success full request completion within agreed-upon deadlines.
• Identify and address any issues or risks that may impact project delivery and proactively seek solutions.
• Cultivate strong relationships with stakeholders and production teams, ensuring open communication and alignment of expectations throughout the request lifecycle.
• Continuously monitor and track project progress, providing regular updates to stakeholders and leadership.
• Produce specifications documents, meeting slide deck and minutes. To give special attention to the messages shared and how they are stated. 
• Foster a culture of collaboration, transparency, and continuous improvement within the team.
• Actively focus on removing obstacles and enabling the team to achieve its goals effectively.

Requirements: 

• At least 5 years of experience in governance and/or cyber-security.
• Knowledge in Cybersecurity and SOC/SIEM organization and tooling.
• Knowledge of Cybersecurity referential and processes (e.g. MITRE ATT&CK).
• Knowledge of IT layers infrastructure technologies (e.g.IAM, SSO, AD, Zero Trust)

• Attention to detail and ability to act as critical thinker.
• Ability to adapt to changing requirements and priorities.
• Great communication skills in English (oral and writing).
• Level of education: Master’s degree or equivalent experience.