IT Risk Assesor
hace 2 semanas
RISK ORM (RISK Operational Risk Management) is part of the Group BNP Paribas second line of defence (2LoD). It belongs to the Risk Function (RISK) of BNP Paribas and is under the responsibility of the Group Chief Operational Risk Officer.
The department has responsibility for independently challenging and supervising the Operational Risk Management (ORM) of Group BNP Paribas activities on a worldwide scope. This is achieved by framing operational risk methodology for Group BNP Paribas, disseminating of a risk management culture across the Group, assessing the adequacy of the ORM set-up, controlling effectiveness of the Group Entities control environment, contributing to the detection, anticipation and response to risks, alerting BNP Paribas Management and RISK stakeholders on any significant risk issue and providing a consolidated view on Group Entities operational risk profile.
As the second line of defence (2LoD) for Information and Communications Technology (ICT) risks (which are operational risks), RISK ORM has the responsibility to identify the key technology risks of the Bank and to influence Businesses, Functions and technology partners to make sound risk management decisions, working with the main Businesses and Functions teams such IT Operations, Cloud, Cybersecurity, Data, Finance, etc.
**ROLE AND RESPONSIBILITIES**
- Framework: to assist in the review, analysis and challenge of the ICT risk management framework and in particular the norms & standards, consistently with RISK ORM guidelines, and validate any exemption to these norms & standards, namely the ICT Risk and Control plans definition.
- Risk Identification & Assessment: to challenge and verify on the first line of defence (1LoD) risk identification, ensure the consistency of potential incidents quantification, conduct independent ICT risk assessment (incident review, post mortem analysis), and validate closure of permanent control actions (controls implemented by 1LoD).
- Risk Treatment & Decision: to assist in overseeing the risk treatment process (risk acceptance, risk transfer, risk remediation) performed by the BNP Paribas Entities and their Departments, jointly participate to co-decision Committees (e.g. Change Management, New Activity, New Process, Vendor, Emergent Technologies) and/or share opinion on the ICT risks exposure with RISK ORM and 1LoD Management. Oversight the action plans defined to mitigate risk and to implement the Internal Audit, Regulators and other IT/Security authorities conclusions and recommendations.
- Testing: to conduct independent testing and challenge on 1LoD (IT and operations) controls and oversight/perform 2LOD tests/vulnerability scans when required.
- Plan: to assist to identify the main ICT risks priorities, clarify/ define the approach to perform the work aligned with BNP Paribas framework, manage relationship with stakeholders, and ensure deliverables agreed.
- Risk Reporting, Monitoring & Alert: to support BNP Paribas Management and the RISK stakeholders on incidents and crisis management (e.g. security events, data leakage); to alert on critical points for attention to be raised to RISK Management.
- Awareness / Training / Animation: to assist in promoting and driving awareness on ICT risks; to assist in organising risk meetings, forums and committees with community members.
**REQUIREMENTS**
- Bachelor degree in Information Technology, Information Security, Business or Risk Management (or equivalent professional qualification)
- Business analysis skills - ability to understand requirements and delivering these requirements in the context of tool implementation
- Industry certifications (e.g. CISA, CRISK, COBIT) or willingness to obtain the same
- Good stakeholder management skills
- Good level of English is essential
- Multilingual capability is a plus (French is preferred, other language is a plus)
- 4+ experience specifically in technology risk assessments
- Good knowledge of ICT risks, IT Control, Information Security, Business Continuity, IT operations and IT Audit and assessment methodologies and concepts
- Experience working with ICT risks, business continuity, IT Management and operations, IT risk and IT audit teams
- Ability to articulate risk management concepts in business language
- Proficient with Microsoft Office Suite
- Prior experience documenting tool requirements to support risk management
- Ability to travel to BNP Paribas and vendor sites, and perform assessments as necessary
- Industry certifications (e.g. CISA, CRISK, COBIT) or willingness to obtain the same
**PRIMARY LOCATION**
**ES-MD-Madrid**
**JOB TYPE**
**Standard / Permanent**
**JOB**
**INFORMATION TECHNOLOGY**
**EXPERIENCE LEVEL**
**At least 7 years**
**SCHEDULE**
**Full-time**
**REFERENCE**
**BNP-000797**
**APPLY**
***
- (REF: BNP-000797)
-
It Risk And Compliance Specialist
hace 3 semanas
Madrid, España Sdi Digital Group A tiempo completoDescription As IT Risk & Compliance Specialist, your mission is to keep key IT risks away from Hitachi Energy. You are responsible for IT risk monitoring and reporting and IT risk & compliance assurance for the whole organization. You facilitate effective IT risk & compliance decisions by defining, maintaining, communicating and promoting IT risks &...
-
It Risk And Compliance Specialist
hace 2 semanas
Madrid, España Sdi Digital Group A tiempo completoDescription As IT Risk & Compliance Specialist, your mission is to keep key IT risks away from Hitachi Energy. You are responsible for IT risk monitoring and reporting and IT risk & compliance assurance for the whole organization. You facilitate effective IT risk & compliance decisions by defining, maintaining, communicating and promoting IT risks &...
-
IT Risk and Compliance Specialist
hace 1 mes
Madrid, España HITACHI ENERGY SERVICES SP. Z O.O. A tiempo completoDescription : As IT Risk & Compliance Specialist, your mission is to keep key IT risks away from Hitachi Energy. You are responsible for IT risk monitoring and reporting and IT risk & compliance assurance for the whole organization. You facilitate effective IT risk & compliance decisions by defining, maintaining, communicating and promoting IT risks &...
-
IT Risk Champion Service
hace 4 semanas
Madrid, España Devoteam Spain A tiempo completoDescripción de la empresa With nearly 10K employees worldwide, we support companies in their digital transformation. We imagine and realise their ambitions through the infinite possibilities of digital platforms, to change their culture and way of working, and create value in their organisations. Present in 18 countries in Europe and the Middle East and...
-
IT Risk Officer
hace 1 mes
Madrid, España Apollo Solutions A tiempo completoA great opportunity for a Senior IT Risk / IT Auditor with experience within Cybersecurity to join a leading bank in Madrid, Spain. This would be great for anyone with experience within IT Audit / IT Risk who also has a background in Cybersecurity within a Financial Services Organisation. **You will be part of the team responsible for**: Conducting...
-
It Risk And Compliance Specialist
hace 4 semanas
Madrid, España Hitachi Automotive Systems Americas, Inc. A tiempo completoIT Risk and Compliance Specialist page is loaded IT Risk and Compliance Specialist Apply locations Madrid, Spain time type Full time posted on Posted 2 Days Ago job requisition id R0028491 Location: Madrid, SpainJob ID: R0028491Date Posted: 2023-08-01Company Name: HITACHI ENERGY SERVICES SP. Z O.O.Profession (Job Category): General ManagementJob...
-
Head of IT Risk
hace 1 mes
Madrid, España Allfunds Bank A tiempo completo**Location**: - Madrid_ Type of job vacancy: - Permanent Employee_ No. Job vacancies: - 1_ **About us** Looking for your next challenge? Allfunds (AMS:ALLFG) is a fast-paced, dynamic, Wealthtech leader with 16 offices around the globe and our employees are the best at what they do. We have a relentless passion for quality and a drive to keep ahead of...
-
Senior IT Compliance and Risk Officer
hace 1 mes
Madrid, España SIX A tiempo completoWhat You Will Do being the single point of contact for IT GRC topics and take a coordinator and interface role including training and awareness for line management, SME, projects and GRC initiatives support the operational teams in actively identifying, manage and reporting risks plan and mange IT audits and assessments together with the operational teams...
-
Cloud Security Risk Assessor
hace 4 semanas
Madrid, España Apollo Solutions A tiempo completo**Cloud Security Risk Lead** Location: Madrid, Spain Salary €60K - €65K plus benefits & bonus A great opportunity for a **Cloud Security Risk Lead** to join a leading Banking organisation based in the **Madrid, Spain**. This position will have a strong focus on Business Continuity and Technology Resilience. **As a Cloud Security Risk Lead, you will be...
-
Cloud Security Risk Assessor
hace 4 semanas
Madrid, España Apollo Solutions A tiempo completoCloud Security Risk Lead **Location**: Madrid, Spain Salary â¬60K - â¬65K plus benefits & bonus A great opportunity for a Cloud Security Risk Lead to join a leading Banking organisation based in the Madrid, Spain. This position will have a strong focus on Business Continuity and Technology Resilience. **As a Cloud Security Risk Lead, you...
-
Cloud Security Risk Lead Assessor
hace 4 semanas
Madrid, España BNP Paribas A tiempo completoThe RISK ORM (Operational Risk Management) Technology Risk Intelligence Digital Solutions department is part of the Group Risk Functions within BNP Paribas. It is a part of the 2nd line of defence under the Bank’s Enterprise Risk Management and Chief Operational Risk Officer. The department has responsibility for identification of key technology risks to...
-
Risk Analyst
hace 2 semanas
Madrid, España Hitachi Vantara Corporation A tiempo completoDescription As a Risk Analyst, you will be responsible for supporting a Hitachi Energy Enterprise Risk Manager inmanaging cross-organizational risk themes through-out its life cycle, coordinating with other risk functionsand improving organizational resilience. This position reports to the Hitachi Energy Enterprise Risk Manager. Your responsibilities:...
-
IT Risk
hace 4 semanas
Madrid, España BNP Paribas A tiempo completoBNP Paribas is an international bank with leading positions in the European market. It is present in 74 countries and employs more than 192,000 people, 146,000 of whom are in Europe. The Group holds key positions in its three main areas of activity: Domestic Markets and International Financial Services (whose retail banking and financial services network is...
-
Information Security
hace 3 semanas
Madrid, España Verisure A tiempo completoDo you want to have an impact every day by making people safe - and bringing them peace of mind? Interested in being part of a dedicated, passionate team which believes that security is a human right? Looking to join a company where innovation and technology are at the heart of its solutions? What we look for Highly motivated individuals with...
-
Information Security
hace 3 semanas
Madrid, España Verisure Sàrl A tiempo completoDo you want to have an impact every day by making people safe - and bringing them peace of mind? Interested in being part of a dedicated, passionate team which believes that security is a human right? Looking to join a company where innovation and technology are at the heart of its solutions? What we look for Highly motivated individuals with...
-
Risk Analyst
hace 4 semanas
Madrid, España HITACHI ENERGY ITALY S.P.A. A tiempo completoDescription : As a Risk Analyst, you will be responsible for supporting a Hitachi Energy Enterprise Risk Manager in managing cross-organizational risk themes through-out its life cycle, coordinating with other risk functions and improving organizational resilience. This position reports to the Hitachi Energy Enterprise Risk Manager. Your...
-
Incident & Risk Manager
hace 4 semanas
Madrid, España Equifax A tiempo completoWe are looking for an experienced Incident & Risk Manager who will be leading our Incident and Risk operation. **What you’ll do** - Liaising with internal teams to identity, analyze and execute an appropriate response to business indents. - Ensure that actions and findings are tracked and documented during and after an incident. - Brief and engage...
-
Incident & Risk Manager
hace 6 días
Madrid, España Equifax, Inc. A tiempo completoWe are looking for an experienced Incident & Risk Manager who will be leading our Incident and Risk operation. What you'll do Liaising with internal teams to identity, analyze and execute an appropriate response to business indents. Ensure that actions and findings are tracked and documented during and after an incident. Brief and engage stakeholders...
-
Risk Esg Analyst
hace 4 semanas
Madrid, España BNP Paribas A tiempo completo**GROUP BNP PARIBAS** "BNP Paribas is an international bank with leading positions in the European market. It is present in 74 countries and employs more than 192,000 people, 146,000 of whom are in Europe. The Group holds key positions in its three main areas of activity: Domestic Markets and International Financial Services (whose retail banking and...
-
Technology Risk
hace 4 semanas
Madrid, España The Cigna Group A tiempo completoRole is open for a Risk and Control Advisor within International Health Technology. This is a critical role as the Risk and Control team look to strengthen its support for the Technology teams across Europe, North America, Middle East, and Asia.The Operational Risk Advisor core activities consist of:Develop, maintain, and update risk and control...
