Senior Associate - IT Risk & Control - ISPL Conduct & Control

About BNP Paribas India Solutions

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union's leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines : Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

About BNP Paribas Group

BNP Paribas is the European Union's leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity : Commercial, Personal Banking & Services for the Group's commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets : Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

About Business Line / Function

The OPC is a key component of the first line of defence as regards the management of operational risks and permanent controls under the authority of the Head of the Entity.

The OPC operates and / or coordinates the entity's Operational and Permanent Control framework related to all operational risks front-to-back and end-to-end , including Fraud, Third Party, Conduct, Compliance, Regulatory, ICT risks, and others risks types in collaboration with other specialized independent control functions and in compliance with internal policies, procedures and guidelines issued by independent control functions as well as with external regulatory and supervisory requirements

Position Purpose

Operating entities organize their Operational Risk Management and their Permanent Control framework on a risk-based approach. The intensity of the framework and its governance should be commensurate to the materiality of the entity and its operational risk exposure.

To achieve this, designated IT Operational Permanent Controllers manage all the IT Operational Risks and Permanent Controls under the authority of the Head of the Operating Entity.

The OPC also coordinates the entity's Operational and Permanent Control framework related to all operational risks front-to-back and end-to-end, to ensure compliance with internal policies, procedures and guidelines as well as external regulatory and supervisory requirements.

The role is to provide both the Onshore IT Business Units and Onshore IT Management with the assurance and visibility that IT Controls are executed in a controlled and managed way. In addition to the specific responsibilities detailed below, the successful candidate will be expected to demonstrate understanding in other areas of Risk & Control Management including strategies surrounding Process Engineering, Configuration Management, Change, Incident & Problem Management, Non-Conformities and Corrective Actions Management, Risk Identification and Control, Project Management and Tools and Methods.

Responsibilities

Direct Responsibilities

• Overall responsibility for the Risk and Control function for the assigned IT Business Units
• Identification and assessment of IT risks and IT controls as per group guidelines
• Define and regularly update the entity's IT control plan according to the outcome of the risk assessment, regulations, and other risk events.
• Identify control gaps and propose solutions and ensure control gaps are adequately addressed
• Identify system / control deficiencies and propose solutions to strengthen the control environment
• Monitor controls are performed as per the defined control plan
• Ensure timely and comprehensive contribution to Risk Governance committee meetings.
• Follow-up and contribute to close recommendations / permanent control actions / incident remediation actions.
• Ensure operational risk incidents are reported as per the BNP Paribas Incident reporting policy and implementation of corrective and preventive actions
• Ensure appropriate training and awareness on Operational Risks are provided to employees.
• Ensuring all key risks & control deviations reported to Senior management along with corrective action plan and Control Results updated accurately with all the deviations
• Ensure that the Head of Department is properly informed, that issues are escalated in a timely manner and that sufficient information is provided to form appropriate judgments

Contributing Responsibilities

Technical & Behavioral Competencies

Knowledge of Project Management methodology (e.g. PMP, Prince2) is a plus

Experience Level : 5 to 8 years

Skills Required

Process Engineering, Cisa, Risk Control Management, Configuration Management, IT General Controls, Project Management, Cissp, Problem Management, crisc , Cism