Skip to content

Main menu. Press enter or space keys to expands and escape key to collapse

Informations générales

Type de contrat
Production Security Risk and Governance Analyst
Ref #
Mardi, mai 14, 2024

Description & exigences

Position Purpose

APAC Production Security department is responsible for most IT Security activities for BNP Paribas in Asia Pacific region, such as:

§  IT Production Security Governance, Project Management & Risk management

§  Network Security and Security Design & Architecture

§  Vulnerability & Compliance Management

§  Identity and Access Management: authorization, authentication, control of Privileged Access

§  Production Computer Security Incident Response Team,

§  Detection & Security Information & Event Management Engineering

§  Production support of the security platforms and tools

As the ProdSec Risk Management Analyst in the Governance, PMO & Risks management team, the candidate will support all the transversal vital functions and activities of the entire APAC Production Security department.

The candidate must possess strong organization skills, an eye for detail, have good time management, have excellent written and communication skills, be able to prioritize multiple tasks, and understand risks management, governance activities and IT environment.

Key Responsibilities

Direct Responsibilities

  • Oversee the execution of Level 1 controls and report the results into the IT OPC framework
  • Manage contributions to regulatory examinations, external or internal audits or assessments (request handling)
  • Maintain a register of open audit findings assigned to (or with contributions from) the department and manage the closure submissions.
  • Consolidate a knowledge base of results of controls or maturity assessments
  • Monitor and follow-up on IT Risk Acceptances and Mitigations status
  • Guide remediations of all audit findings, gaps & recommendations involving the department
  • Lead the continuous enhancement of current Production Security’s governance activities (organization, communication, reporting, etc.)

Contributing Responsibilities

  • Support evidence delivery activities for IT security internal and external audits
  • Contribute to IT Production’s efforts to resolve all open gaps and findings
  • Facilitate Continuous Improvement and problem solving
  • Contribute to the control frameworks in daytoday business activities
  • Contribute to the Department’s transversal tasks (EUC inventory, RSA Token management, project coordination…etc...)

Competencies (Technical / Behavioral)

§  University degree, preferably in Computer Science with spec. in IT Security

  • 3+ years of experience in IT audit, controlling, governance, and risks management in banking industry.
  • Experiences in IT security.
  • Ability to work independently on various missions and actively contribute to team efforts to execute task objectives
  • Excellent interpersonal and communication skills; ability to effectively and clearly present issues
  • Excellent analytical skills and reporting capabilities (KPIs, dashboards, metrics, etc.)
  • Strong organization skills and ability to keep track of multiple topics in well documented format
  • Taking initiative and be proactive
  • High standard of Microsoft Excel and other MS Office suite along with SharePoint
  • Project management expertise is a plus

Specific Qualifications

  • Demonstrated IT Audit and Risk Management expertise and experience
  • Familiar with process analysis and improvement.