Job Description

About BNP Paribas Group: BNPParibas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centered on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNPParibas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region. About BNP Paribas India Solutions: Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions. About Business line/Function : The Transversal team in Global Banking IT provides services IT Risk, Security and Control services for the application development teams present in ISPL. The team is responsible to help monitor, govern, guide and report on the IT security, Risk and control adherences for the application in scope of the team. Job Title: IT Security, Risk & Control Lead - Manager / AVP Date: Department: Global Banking IT Location: Nirlon Knowledge Park, Mumbai Business Line / Function: Global Banking - Transversal Management Reports to: (Direct) Grade: (if applicable) (Functional) Number of Direct Reports: NA Directorship / Registration: NA Position Purpose The Governance Lead role is to ensure the appropriate and robust IT Security, Risk and Control polices, processes are implemented & adhered-to by all stakeholders in the department. They would be responsible to monitor, report and assist teams in being compliant with the policies laid out by the Bank. Function as the single point of IT contact for key elements such as enterprise IT policy governance, enterprise IT strategy, IT internal audits, and IT risk acceptance. Responsibilities Direct Responsibilities . Ensure strong and effective Risk Management- including operation risk . Manage transformation, improvement & control initiatives aligning with global strategies. Ensure strong collaboration and partnership of Global Banking - ISPL with responsible global teams . Help develop and implement processes to assess and/or monitor the effectiveness of Application\'s IT Security, risk and control procedures to ensure adherence to standards and policies as appropriate. Contribute to all aspects of the delivery lifecycle to provide guidance to the teams that ensures secured development of applications . Create and share reports with IT management, identifying and highlighting observations and suggesting options and recommendations . Serve as an expert to guide & review security testing requirements for applications in scope . Provide technical expertise testing to project teams guiding them when needed Contributing Responsibilities . Collaborate with other ISPL functions to identify and implement consistent and effective approaches to security, risk, governance and control-based activities Technical & Behavioral Competencies . Strong understanding of Application security including DevSecOps framework. Good knowledge of OWASP, OSSTMM, SANS and other application security standards and best practices . Strong understanding of IT Risk Management . Expert level understanding of application security practices . Keen desire to be at the leading edge of technology and process practices . Ability to work under minimal supervision . Strong analytical, interpersonal skills . Must have the ability to interact professionally with a diverse group of developers, tester engineers, and managers. Ability to work well with culturally diverse global teams . Excellent written and oral communication skills Specific Qualifications (if required) . Minimum 7 years of relevant experience and proven accomplishments in IT security, Risk & Controls Skills Referential Behavioural Skills : (Please select up to 4 skills) Ability to deliver / Results driven Attention to detail / rigor Adaptability Ability to share / pass on knowledge Transversal Skills: (Please select up to 5 skills) Analytical Ability Ability to anticipate business / strategic evolution Ability to manage a project Ability to manage / facilitate a meeting, seminar, committee, training Ability to inspire others & generate people\'s commitment Education Level: Bachelor Degree or equivalent Experience Level At least 10 years Other/Specific Qualifications (if required) Relevant industry recognized security or Risk certifications like CISSP / CISM, etc.

foundit