Senior IT Risk & Cyber Security Specialist
- Standard / Permanent
- INFORMATION TECHNOLOGY
BNPP Personal Finance CE.T is looking for a Senior IT Risk & Cyber Security Specialist in the context of risk and cyber security management to ensure the compliance of the entity with Group BNP Paribas and Central BNPP Personal Finance guidelines and governance
Support the implementation, monitoring and governance of IT Risk and Cyber Security activities within the organization:
- Participate and contribute to the definition and deployment of the entity IT Risk and Cyber Strategy
- Act as entity focal point with Central IT Risk and Cyber teams while steering the execution of cyber services provided by the Group
- Perform operational security activities and controls (DLP analysis, AV, patching and other threats monitoring and reporting)
- Leading Cyber Security projects at entity level and providing expertise to the entity’s projects
- Serve as 1st Line of Defense for IT Risk & Cyber Security perimeters, execute the IT control campaigns and perform the analysis of inputs received from several different stakeholders
- Risk mapping: perform and challenge risk assessment, establishes corrective measures with Business and IT stakeholders to reduce the identified risks. Work closely with RISK ORC to ensure the IT risks are correctly reported and monitored
- Perform security risk assessments due diligence for third parties, supporting Procurement and Outsourcing team on the IT RISK analysis and review of business continuity questionnaires
- Support investigation of cyber or operational incidents to identify the occurrence cause, establishes the scope, estimates the financial impact, collects data and reports them; defines action plans, monitors, reports their progress, implements them and reports their result
- Coordinate the execution of the awareness campaigns to increase the level of awareness related to IT Risk & Cybersecurity within the entity
- Coordinate the execution of Business Continuity and Crisis Management exercises
- Lead the IT Risk & Cyber security Committees by ensuring the adequate reporting on the entity’s overall IT Risk and cyber status (KPIs, maturity level, controls, procedures and strategy)
- Represent BNPP PF CE.T in the international IT Risk and CISO community
What we are looking for:
- At least 5+ years of relevant experience in IT Risk Management and Cyber Security, preferably for international financial institutions or shared service centers
- Demonstrated experience notably in endpoint security and data loss prevention systems, Identity and Privileged Access Management, risk assessment and security posture assessment
- Good knowledge in application security, secure coding practices, OWASP, Static or Dynamic Application Security Testing (SAST, DAST) and network security
- Experience in management of controls, procedures creation, review and adaptation on the scope of IT Risk, cyber security and continuity
- Technical knowledge to analyze and review proposed technical solutions, proofs and evidences
- Previous experience with outsourced consultancies
- Proactive attitude, excellent analytical and problem-solving mindset with strong attention to detail
- Good interpersonal skills and cooperative attitude technically and operationally to manage multiple stakeholders and providers in an international context
- Accurate and precise with reporting habit
- Excellent communication and reporting skills while fluency in English (written and spoken) is mandatory. French is a plus
Who are we?
We’re part of one of the largest banking groups in the world and we’re conducting its best IT projects!
Central Europe Technologies (CET) is an expertise Shared Service Center for BNP Paribas Group, subsidiaries serving 19 countries and we are continuously expanding.
Our offices are located in Romania, in Bucharest, Brasov and Cluj. The company brings together over 300 employees, with expertise in various technologies (Java, .Net, COBOL) and other operational roles (credit analysts, collection officers, System Expert administrators).
About our culture:
We are proud to create, maintain and develop strategic business applications for BNP Paribas Group entities around the world, while keeping a high level of service and providing added value to our customers.
Working in a multicultural environment, we encourage our people to develop their talents and skills, offering various career opportunities and internal mobility programs, within local CET teams or in other entities within the Group, both in Romania and abroad.
We value our employees’ experience by keeping a well-balanced environment with flexibility regarding the work schedule and care for everyone’s personal time. We embraced a hybrid way of working because we believe social connection always adds value to our day-to-day activities.
Diversity and inclusion are among our core values, as CET is an equal opportunity employer. Therefore, we are committed to ensure employment opportunities regardless of race, skin color, beliefs, religion, nationality, ethnic background, age, sex, sexual orientation, marital status or political opinions.