Production Security Risk and Governance Analyst

at  BNP Paribas

SPECIFIC QUALIFICATIONS

Demonstrated IT Audit and Risk Management expertise and experience
Familiar with process analysis and improvement.
About BNP PARIBAS
As the leading European Union bank, and one of the world’s largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance.

We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued and encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity, religion applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo.

• BNP Paribas PRIDE is highly active in favour of the LGBTQIA+ community
• BNP Paribas MixCity which fosters better representation of women at all levels of the organization
• Ability, the mutual aid network for employees with a disability or a disabling or chronic illness
• BNP Paribas CulturAll which celebrates diverse backgrounds

BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions.
https://careers.apac.bnpparibas/
(Opens in a new tab)
More information
You must accept the “Social media and content sharing cookies” to see this content.

POSITION PURPOSE

APAC Production Security department is responsible for most IT Security activities for BNP Paribas in Asia Pacific region, such as:

• IT Production Security Governance, Project Management & Risk management
• Network Security and Security Design & Architecture
• Vulnerability & Compliance Management
• Identity and Access Management: authorization, authentication, control of Privileged Access
• Production Computer Security Incident Response Team,
• Detection & Security Information & Event Management Engineering
• Production support of the security platforms and tools

As the ProdSec Risk Management Analyst in the Governance, PMO & Risks management team, the candidate will support all the transversal vital functions and activities of the entire APAC Production Security department.
The candidate must possess strong organization skills, an eye for detail, have good time management, have excellent written and communication skills, be able to prioritize multiple tasks, and understand risks management, governance activities and IT environment.

DIRECT RESPONSIBILITIES

Oversee the execution of Level 1 controls and report the results into the IT OPC framework
Manage contributions to regulatory examinations, external or internal audits or assessments (request handling)
Maintain a register of open audit findings assigned to (or with contributions from) the department and manage the closure submissions.
Consolidate a knowledge base of results of controls or maturity assessments
Monitor and follow-up on IT Risk Acceptances and Mitigations status
Guide remediations of all audit findings, gaps & recommendations involving the department
Lead the continuous enhancement of current Production Security’s governance activities (organization, communication, reporting, etc.)

CONTRIBUTING RESPONSIBILITIES

Support evidence delivery activities for IT security internal and external audits
Contribute to IT Production’s efforts to resolve all open gaps and findings
Facilitate Continuous Improvement and problem solving
Contribute to the control frameworks in day‐to‐day business activities
Contribute to the Department’s transversal tasks (EUC inventory, RSA Token management, project coordination…etc…)