Company purpose:

Our company purpose is to contribute to a responsible and sustainable economy by financing and advising clients according to the highest ethical standards.

Our employer promise is built around three pillars:

• Being a great place to work

• Committed to sustainability and having a positive impact

• Being dedicated to the development of our people

Business area

The IG Hub UK is a geographical Hub, covering all activities in the UK and Channel Islands.

The Hub has five audit teams. These teams are split by business activity covering all activities within their area of responsibility.

The Hub’s remit is to provide audit services to the Businesses, Operations and Functions in the UK and Channel Islands in close liaison with Senior Management and Head Office entities. The focus is to help the organisation accomplish its objectives by bringing a systematic approach to evaluate and improve the effectiveness of the governance, risk management, and internal control processes. The IT team within the IG Hub is responsible for auditing the IT & Cyber Security domains and related activities.

Job Purpose

This role will serve as a senior independent reviewer and will be accountable for providing high quality and in-depth analyses and observations to the business and supporting functions on behalf of the IT Team utilising the support of other team members where necessary. The role is to be an active participant and, where appropriate, leader of risk-based audit reviews, and will assist the IT Team to issue recommendations to remediate any identified issues and weaknesses.

Key Responsibilities

• Leads or acts as a key resource in IG assignments, ad-hoc projects and investigations, accountable for the timely performance of the role’s own duties whilst also validating the work of other team members involved in an assignment. At all times, the role holder will have regard for the main risks detailed in the Risk and related Control Matrix and, where acting in a management capacity, will plan and organise an assignment (including the allocation of staff) as well as ensure that all missions, associated documentation and IG standard are inputted into relevant tools as required by the relevant processes.
• Completes other audit related tasks (such as the continuous/annual risk assessment or requests for audit recommendation closure, archiving, preparing restitution slides, and inputting findings, recommendations) to ensure that audits are effectively performed, maintained and coordinated within BNP Paribas Audit Methodologies and Tools, procedures, guidelines and expectations.
• Leads the performance of the continuous monitoring and annual risk assessment processes in relation to audit areas, working with senior team members (including the Deputy Head of Hub, IT) to ensure a consistent and compliant approach.
• Develops and manages operational initiatives within their business area, in line with relevant policies, procedures and any relevant regulatory requirements or professional codes of conduct.
• Keeps abreast of the best practices in the industry to drive innovation within the team, with the aim of contributing to the development of the tools and techniques used by the IG Department.
• Keeps relevant stakeholders, including the Deputy Head of Hub, IT and assignment Supervisors, suitably always updated on progress of assignments and work so that they have a good understanding of workstream status.
• Supports junior team members on assignments with their assigned work and contacting other members of the IG team and contributes to their development, including by preparing their end of assignment appraisals (PMRs) for discussion with the Deputy Head of Hub, IT.
• Monitors progress in relation to post-audit recommendations related to the IT and Cyber Security specialism to evaluate them as specified in the appropriate procedures and facilitates their closure.
• Develops and maintains strong relationships with key stakeholders in the teams being audited, and
• operational managers across the business to ensure that a high-quality integrated IG service is provided.
• Acts as a point of escalation for more junior staff to support them where problems are more complex and require sophisticated analysis or experience to ensure that they can perform and provide a consistent service to the business.
• Will be required to provide certain managerial, coaching or appraisal functions for junior roles allocated to any assignments being led / resourced by the role to support the development of talent in the team.
• Contributes to the maintenance and development of the data analytics tools and methodologies used by the IT Audit team within IG.

Requirements

• Professional qualification required with knowledge related to performing IT and Cybersecurity audits in the banking / finance industry.
• Proven experience in IT and Cybersecurity risks and controls, either at a Bank or consulting firm, or other by conducting other relevant Internal/External Audits.
• Strong grasp of industry standards and regulations related to IT and Cyber. For example, NIST, PCI DSS, DORA, COBIT, ISO 27001 etc.
• Knowledge of a wide range of IG (Internal Audit) principles, processes, regulations and legislation
• appropriate for the IT team and ability to translate knowledge and experience into recommendations to improve team operating practices.
• Strong analytical skills, including ability to understand quickly the critical steps in a process, synthesise and process complex information and understand the related risks of various natures, including use of data.
• Good people management skills and an ability to work with individuals to set individual objectives and manage performance to ensure their delivery.
• Thorough and organised with an ability to project manager, prioritise and work under time-pressure.
• Excellent written and oral English skills to articulate technical issues and to be able to take the complex concepts and summarise it in simple English, to enable effective communication with individuals across the business.
• Ability to produce quality audit artefacts such as reports, findings and opinions for senior management.
• Computer literacy and a good knowledge of standard computer software and able to learn and utilise specialist applications appropriately.
• Intermediate level proficiency in Data Analytics or the use of AI to facilitate accurate analysis of large data sets.

Preferred competencies

• An academic background in IT, Management Information System, Computer Science or a related discipline.
• Beginner to Intermediate level proficiency in Data Analytics or AI prompting to facilitate accurate analysis of large data sets.
• Prior experience working in technical capacity (IT & Cyber) will be an advantage.
• A professional qualification / certificate in Audit (e.g. CISA, CISSP, CISM, OSCP, CCSP).

It is preferred that the role holder will be willing to travel from time to time to perform their duties (in particular to Paris)

And of course, we expect all our colleagues to embody and practice the Group values (alignment with the Bank’s strategy, commitment, work ethic, integrity and Code of Conduct).

A bit more about why you should join us

1. We’re a great place to work

We aim for optimal work/life balance (depending on role, this includes hybrid working, flexible working and agile)

We are proud of our award-winning flexible benefits and health & wellbeing strategy. Our flexible benefits include:

• Generous holiday allowance of at least 26 days (plus bank holidays) – with option to buy and sell holidays.

• Valuable financial plans – a 12% non-contributory pension which has been moved to sustainable investments*, life assurance*, income protection and personal accident insurance.

• Extensive wellbeing and mental health offering – one of the most advanced private medical schemes in the UK, dental cover, wellbeing app, Cognitive Behavioural Therapy support, subsidised gym memberships, bespoke health assessments including genetic testing, Private GP (including digital GP services to parents of employees), Employee Assistance Programme, menopause & fertility support (we are an accredited Menopause Friendly Employer), neurodiversity assessment and support.

• Key onsite services and facilities in London – include physiotherapy, nutrition, massage therapy, physiology, mental health first aiders, seasonal flu vaccinations and free onsite fitness centre.

• Plus, emergency back-up care for dependants, green car leasing, season ticket loan, and a range of other benefits.

* Subject to relevant caps

2. As the eurozone’s largest bank, we are committed to having a positive impact in the world.  

For example, we are committed to Net Zero in all of our financing and investment portfolios by 2050. By 2030, 80% of our energy production financing will be low carbon.

But impact for us means more than climate. It means empowering our people every day. Everyone gets four volunteering days each year - in 2023, we achieved over 18,000 hours of volunteering across the UK and reaching over 4,500 young people.

3. We believe in our people

We support our people to develop skills to adapt to the ever-evolving world of work and to prepare for the jobs of today and tomorrow. We do this through a comprehensive training offering, talent programmes, mentoring, career days and inhouse career tools.

We are proud of the number of our people who progress and secure new roles internally. In fact, in 2023, nearly half of our positions in UK CIB were filled internally. 

Investing in our people also means we have a collaborative and inclusive culture:

• Direct feedback from our people shows that our internal culture sets us apart from our industry peers.

• Each year, nearly 30,000 employees globally are involved in professional networks that play an active role in promoting Diversity and Inclusion within the Group. These include our:

Pride Network, Ability Network (which supports disabled employees), MixCity (gender equality network), Women in Global Markets, Women in Global Banking, Women in IT, Diversity Equity & Inclusion in Technology, Early Careers Network, Multicultural Network and Parents & Carers Network.

Equal opportunities

BNP Paribas is committed to providing a work environment that fosters diversity, inclusion, and equal employment opportunity without regard to age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity, race, religion or belief, sex or sexual orientation, or any other legally protected status.

Adjustments

We don’t want anyone to be disadvantaged in our recruitment processes, so if you have a disability or health condition which may mean that you’d benefit from some adjustments or additional support, please let us know as early in the process as possible.

#LI-Hybrid