IT Risk - Madrid, España - BNP Paribas

BNP Paribas

Empresa verificada

Madrid, España

hace 2 semanas

Publicado por:

Isabel García

beBee Recruiter

Descripción

BNP Paribas is an international bank with leading positions in the European market. It is present in 74 countries and employs more than 192,000 people, 146,000 of whom are in Europe.

The Group holds key positions in its three main areas of activity:

Domestic Markets and International Financial Services (whose retail banking and financial services network is part of Retail Banking & Services), as well as Corporate & Institutional Banking, which offers services to corporate and institutional clients.

The Group supports its customers (individuals, entrepreneurs, SMEs, large companies and institutions) to help them carrying out their projects by providing financing, investment, savings and insurance services.

In Europe, the Group has four domestic markets (Belgium, France, Italy and Luxembourg) and BNP Paribas Personal Finance is number one in retail financing in Europe.

BNP Paribas is developing its integrated retail banking model in the Mediterranean countries, Turkey, Eastern Europe and has an important network on the US West Coast.

In both its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas has leading positions in Europe, a strong presence in the Americas and a solid and growing network in the Asia-Pacific region.

The CIB IT Platform for EMEA is responsible to provide IT Services to our Clients ensuring a Digital Market evolution, in a secured and performant environment, and with a reliable quality.

This function includes Global Markets Application Production, Local Territory IT Development, the Core Infrastructure environment including Datacentres, Application Production, Security, Architecture as well as elements of the Global Services organisation.

Within BNP Paribas Group IT, the filiere Production Security is in charge of answering operationally to the challenges of cybersecurity with an end-to-end vision and consistently across the Bank.

MISSION

We are looking for an IT Risk & Cyber Security Analyst in charge of assessing Cyber risks on the IT production perimeter for outsourced activities as well as a contribution of Cyber expertise in support of the CISO.

RESPONSIBILITIES

The main activities and missions will be:

In charge of CISO activities related to Third Parties Risk Management on IT production perimeter:

Step

Cyber Risk Identification & Assessment:
Identify and assess the ICT and Cyber Security Risk of the activity in a context of an externalization.
Initiate the overall process which includes preliminary risk identification, analysis and evaluation.
Define / recommend activities that are adequate to the risk level to perform before the validation committee.
Identify ICT and cyber security need.

Step

IT Risk & Cyber Security Due Diligence:
Assess the compliance of the proposal of the service provided by the suppliers to the ICT applicable requirements for protecting BNP Paribas
Select the most suitable supplier among the shortlisted ones.

Step

Contract Negotiation
Formalize the applicable conditions to the service provided and the Supplier's commitment to implement agreed Cyber Security measures.
Proposal and validation of evolutions in the hardening rules of the security of the products used within the Group:
Assist product owner in writing hardening rules
Review hardening rules published previously
Align hardening rules with other production security teams
Coordinate the implementation of control rules
Analyze and assess the Asset Classification from a Security perspectives
Review the answers of Security and IT Architecture questionnaire
Add Key requirements from Group BNPP Security framework to comply with

Technical & Behavioral Competencies

Expertise in computer security standards and frameworks and the main IT & security risk frameworks (NIST, CIS, ISO27001, EBIOS, etc.),
Expertise in the main types of cybersecurity incidents and how to protect against them.
Technical expertise in IT/Cloud infrastructures, usual products and technologies
Critical mind, good analytical and synthesis skills.
Rigor, curiosity, autonomy, involvement, availability and taste for teamwork.
Ability to listen and communicate to convince, adapting to one's interlocutors.
Ability to take a step back and formalize needs, write synthesis documents and report on work.
Animation of transversal working groups.
Very good command of English (written/spoken).
French speaking will be appreciated.