Senior Associate - Third Party Technology Risk Management (TPTRM)

About BNP Paribas India Solutions

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union's leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines : Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

About BNP Paribas Group

BNP Paribas is the European Union's leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity : Commercial, Personal Banking & Services for the Group's commercial & personal banking and several specialized businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporate and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets : Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected, and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind, and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, color, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

About Business Line / Function

The Third-Party Technology Risk Management (TPTRM) Team is responsible for identifying and assessing risks relating to Information Security, Cyber Security, Business Continuity and Physical Security arising out of the Third Parties providing services to BNP Paribas, globally. This includes policy, governance, risk management, reporting and ownership of the lifecycle of Security Risk Assessment of the Third Parties.

Job Title

Associate / Sr. Associate

Date

Department :

Third Party Technology Risk Management (TPTRM)

Location :

Business Line / Function

IT Security

Reports To

(Direct)

Manager

Grade

(if applicable)

(Functional)

Number Of Direct Reports

Directorship / Registration :

NA

Position Purpose

This role will be responsible for supporting the Third-Party Technology Risk Management team in identifying and evaluating potential / recognized risks related to Information Security, Business Continuity and Physical Security. The 3rd Party Security Risk Assessor, reporting to the Manager, Third Party Risk Management team that performs security assessments of vendors, service providers and 3rd party companies that manage systems or information for BNP Paribas

Responsibilities

Direct Responsibilities

• As a Third-Party Technology Risk Assessor, you will perform third-party information and cyber security assessment to identify, monitor, remediate, and manage third party risks across the third-party lifecycle.
• Risk Assessor role requires good risk experience & technology expertise (areas of information and cyber security, business continuity, incident management, compliance, and human resource security) in accurately scoring the inherent risk profile of 3rd parties, making sure the risk assessments are completed on time with quality. In addition, the role requires the ability to prioritize and drive workload.
• Evaluating control effectiveness and review evidence of controls by applying audit, compliance, security, and regulatory framework knowledge and experience, including, but not limited to review of : ISO 27001, SIG (Shared Assessments), TruSight, SOC / equivalent reports, as well as knowledge of controls related to Privacy, Compliance, Business Resiliency, Cyber and other risk domains.
• Work with Line of business partners, by navigating them through the different stages of the risk assessment life cycle and making sure that they are being compliant to the organization requirements.
• Communicate assessment findings and recommendations to internal stakeholders, including senior management, legal, and compliance teams as applicable.
• Monitor and track the identified findings as part of the assessment lifecycle.

Contributing Responsibilities

Technical & Behavioral Competencies

Skills Referential

Specific Qualifications (if required)

Behavioural Skills : (Please select up to 4 skills)

Ability to collaborate / Teamwork

Communication skills - oral & written

Attention to detail / rigor

Creativity & Innovation / Problem solving

Transversal Skills : (Please select up to 5 skills)

Ability to develop and adapt a process

Ability to understand, explain and support change

Ability To Develop Others & Improve Their Skills

Choose an item.

Choose an item.

Education Level

Bachelor Degree or equivalent

Experience Level

At least 5 years

Other / Specific Qualifications (if Required)

Skills Required

Pci Dss, Compliance, Iso 27001, Cobit, nist, Information Security, Cyber Security, Microsoft Excel, Business Continuity, Risk Management