The bank for a changing world

Corporate Banking IT: IT Operations Permanent Control Manager


Standard / Permanent



Job function




Position Purpose
  • The position holder will lead the IT governance, control and risk management practice for APAC ITO Corporate Banking IT which is a regional department covering IT project and operations for APAC (120 applications, 150+ staff members)
  • His / her main objectives will be:
    • To maintain, enhance and execute the IT control plan of the department
    • To identify, assess and monitor IT risks of the department
    • To maintain, adapt and roll out the IT governance to the department

Key Responsibilities

  • The position holder is responsible of the IT governance, control and risk management of APAC ITO Corporate Banking IT.
  • His / her primary objective is to ensure that the IT risks of the department are under control. This will be achieved by covering three main areas: IT control plan – identify, IT risks management – assess and IT governance – define.
  • The responsibilities / activities per area are as follows:
    • IT Control plan – Identify
      • Ensure that 1st and 2nd level controls are executed and signed off on a timely fashion
      • Analyse and report control results
      • Support internal and external audit on IT activities
      • Consolidate and track till closure audit findings
      • Monitor outsourcing agreements execution
    • IT Risks management – Assess
      • Identify and assess the department IT risks leveraging on all available sources (control plan, risks manager community…)
      • Review, validate and track risks mitigation actions plan
      • Handle regulatory technology risks management (TRM) filings for the department
    • IT Governance – Define
      • Roll out the IT governance policies and procedures defined at BNP Paribas group / regional level
      • Adapt and streamline IT processes to address the main risks
      • Moderate and train the project manager community
      • Maintain and improve the IT control plan to cater for new risks and efficiency

Competencies (Technical / Behavioural)
  • Risk oriented
  • A solid background in operational risk management and control framework
  • Knowledge of IT practices :project management ,security, continuity and production
  • Excellent analytical skills and reporting capabilities (KPIs, dashboards, metrics, assessment …)
  • A practical understanding of a large bank’s organization and systems
  • Familiar with process analysis and improvement, drafting of workflows and procedures
  • Strong conceptualization capacities
  • Excellent written and oral communication
  • Developed influencing and negotiating skills
  • Excellent interpersonal skills
  • Self-driven and independent 
  • Able to work in a fast-paced, dynamic and multi-cultural environment

Specific Qualifications Required

  • At least 5 years of experience in an IT governance and/or risk management environment
  • ITIL and/or CISA certification are a plus