General Information
Description
Job Title: Analyst/ Associate / Assistant Manager
Department: Third Party Technology Risk Management (TPTRM)
About Business line/Function: IT Security
Position Purpose: This role is responsible for conducting end‑to‑end security risk assessments of vendors, service providers and other third parties that handle BNP Paribas data or systems.
Evaluate, score and monitor inherent and residual risk throughout the third‑party lifecycle.
Collaborate with business partners, legal, compliance and senior management to ensure timely, high‑quality assessments and remediation.
The role demands solid risk‑management experience, strong technical knowledge of security frameworks, and the ability to influence cross‑functional stakeholders.
Responsibilities
Direct Responsibilities
- As a Third-Party Technology Risk Assessor, you will perform third-party information and cyber security assessments to identify, monitor, remediate, and manage third-party risks across the third-party lifecycle.
- The Risk Assessor role requires good risk experience and technology expertise (in the areas of information and cyber security, business continuity, incident management, compliance, and human resource security) to accurately score the inherent risk profile of third parties and to make sure the risk assessments are completed on time and with quality. In addition, the role requires the ability to prioritize and drive workload.
- Evaluate control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including, but not limited to, review of ISO 27001, SIG (Shared Assessments), TruSight, and SOC / equivalent reports, as well as knowledge of controls related to Privacy, Compliance, Business Resiliency, Cyber and other risk domains.
- Fluency in Spanish or Portuguese to work with line-of-business partners, guiding them through the different stages of the risk assessment lifecycle and making sure that they comply with the organization's requirements.
- Communicate assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams as applicable.
- Monitor and track the identified findings as part of the assessment lifecycle.
Contributing Responsibilities
- Actively participate in identifying process gaps and be ready to own and update/document relevant TPTRM policies and procedures
- Support internal and external TPTRM audit requirements
- Compile and generate weekly/monthly/quarterly dashboards on KPIs
Technical & Behavioral Competencies
- 5+ years of experience in Third‑Party Risk Management (TPRM) or broader risk management within financial services.
- Bachelor’s degree (or equivalent).
- Professional certifications – CTPRP, CISSP, CISA, CISM – strongly preferred.
- Hands‑on knowledge of security frameworks: ISO 27001, NIST CSF, PCI‑DSS, COBIT, SOC 2, GDPR, DORA, DPDP.
- Experience with GRC platforms (e.g., RSA Archer, ServiceNow GRC, MetricStream).
- Advanced Excel/PowerPoint/Word skills; ability to create clear, data‑driven reports.
- Familiarity with vendor‑management, procurement and contract‑negotiation processes.
- Strong analytical mindset with meticulous attention to detail.
- Self‑motivated multi‑tasker; can prioritize competing deadlines in an agile environment.
- Excellent written and verbal communication – able to translate technical risk concepts for non‑technical audiences.
- Proactive, results‑oriented, and accountable for delivering on hard deadlines.
- Collaborative team player who can influence senior stakeholders without direct authority.
- Adaptability to fast‑changing regulatory and technology landscapes.
- Prior experience evaluating third party risk for cloud service providers (AWS, Azure, GCP) or SaaS platforms.
- Exposure to emerging risk domains – privacy enhancing technologies, AI/ML model risk, supply chain cyber risk.
- Participation in cross border regulatory projects (e.g., DORA implementation).
Specific Qualifications:
- Fluent Spanish or Portuguese (spoken and written).
- These languages are mandatory to support global vendor assessments across the globe
Skills Referential (Required knowledge, skills and abilities)
Technical Skills:
- Risk identification, assessment, mitigation, monitoring
- Security‑framework knowledge: ISO 27001, NIST CSF, SOC 2, PCI‑DSS, HITRUST and other industry standards.
- Regulatory & compliance expertise: GDPR, CCPA, FFIEC, HIPAA, local data‑privacy laws, industry‑specific mandates, etc.
- Audit & GRC tooling: Experience with GRC platforms, questionnaire management, evidence‑collection portals, and audit‑trail documentation.
Behavioral Skills:
- Ability to collaborate / Teamwork
- Communication skills - oral & written
- Attention to detail / rigor
- Creativity & Innovation / Problem solving
Education Level: Bachelor's degree or equivalent
Location: MUMBAI, CHENNAI, BANGALORE
About BNP Paribas Group:
BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialized businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability.
About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, the European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees to provide support and develop best-in-class solutions.
Commitment to Diversity and Inclusion
At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.