Skip to content

General Information

Ref #
111114839113835
Country
India
Region
Maharashtra
City
Mumbai
Contract type
Permanent
Professional Family
F03 - RISK

Description

 

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

 

About BNP Paribas Group:

BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability

 

 

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

 

About Business line/Function:

The RISK ORM Framework - Supervisory Affairs, Governance & Group Risk Profile (SAG & GRP) provides Group support on the risk governance (policy and procedure reviews) and reporting activities. This team leads ICT procedure and requirements reviews and challenge including gap analysis with industry standards at the Group level, identifies risk scenarios, severity and variance analysis as part of the Group ICT stress testing efforts and performs gap assessments with global industry standards/ frameworks to improve the maturity level of  the 1LoD framework.

 

 

 

Job Title:

Associate

Date:

 

November 03, 2025

Department:

Group RISK ORM

Location:

ISPL, Mumbai

Business Line / Function:

RISK ORM Framework & Processes – SAG & GRP

Reports to:

(Direct)

Head of ICT Policy and Procedures

Grade: 

(if applicable)

N/A

(Functional)

Head of ICT Policy and Procedures

Number of Direct Reports:

None

Directorship / Registration:

N/A

 

Position Purpose

Key expectation is for this resource to support the workload on IT risk and framework 2LoD challenge, in particular syndication process and consolidation of review comments across the ITG. The framework consists of 40 topics across IT governance, IT risk and cyber.

Responsibilities

 

Direct Responsibilities

 

  • Syndicate the received procedures for comments with RISK ORM stakeholders.
  • Perform own review of the applicable procedure(s) vis-à-vis relevant regulatory guidelines/international standards/best practices.
  • Perform a consolidation and a review of the comments received from stakeholders and addressing clarifications until closure.
  • Keep track of key discussion points raised by RISK and ensure each item discussed is appropriately closed or added into the backlog tracker.
  • Keep track of deadlines for incoming and outgoing documents and ensure that established processes are adhered to.
  • Based on the discussions, maintain a backlog of items to be incorporated in future iterations of procedures or new procedures to be authored.
  • Enhance the RISK ORM Procedures SharePoint with updated procedures, notifications, comments and status. 
  • Prepare a summary of review points at the end of each week for any escalations to be discussed.
  • Maintain a collaborative working relationship with ITG and RISK ORM stakeholders.

 

 

 

Contributing Responsibilities

  • Identify opportunities for process improvements or automation capabilities.

 

Technical & Behavioral Competencies

  • Up to 5 years of experience in IT audit / ITGC controls testing / technical assessments, preferably in the areas of Cyber and Technology domains in a financial institution.
  • High-level knowledge of key IT risk industry standards (such as ISO27001, COBIT, NIST).
  • Keen interest in cyber security (able to articulate current cyber threats) and attention to detail.
  • Excellent written and spoken communications. Considers the audience, avoiding technical jargon wherever necessary and appropriate.
  • Being rigorous and thorough – especially when logging and tracking issues through to conclusion.
  • Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Policy & Framework in business.
  • Ability to work with strict timelines and under pressure situations to manage the delivery.

 

Skills Preferred

  • Is self-aware, anticipates problems, adapts and meets them head on.
  • Strong stakeholder management, relationship building, influencing, facilitating and presenting skills.
  • Is solutions focused – measures their output on whether issues, problems or challenges are resolved as a criteria for success.
  • Competencies:
  • Professional qualifications/trainings relevant to technology and/or cyber risk (e.g. change management, outsourcing, vulnerability management, cloud security etc.).
  • •     Prior experience in Policy and procedure reviews with mid to senior level management involvement would be preferred.

Specific Qualifications (if required)

NIST/ISO27001/2 LA/LI qualification is beneficial but not essential.

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Communication skills - oral & written

Attention to detail / rigor

Ability to synthetize / simplify

Ability to collaborate / Teamwork

Transversal Skills: (Please select up to 5 skills)

 

Analytical Ability

Ability to develop and leverage networks

Ability to manage / facilitate a meeting, seminar, committee, training…

Choose an item.

Choose an item.

Education Level: 

 Bachelor Degree or equivalent

Experience Level

At least 2 years

Other/Specific Qualifications (if required)