Assistant Manager / Manager - Cyber Security Frame Work

Key role to develop Indian platform, ensuring core Cybersecurity, IT Risk and Operational Resilience activities are performed with the required efficiency and quality to protect BNP Paribas.

The Cybersecurity Framework team develops and maintains the cybersecurity policies and requirements at BNP Paribas Group level, covering all cybersecurity topics (Artificial Intelligence, Application security, Data security, cloud security, IAM, asset management, SWIFT etc..), that will must be enforced by the Group entities.

Responsibilities

- Contribute to the definition of new cyber security requirements (or review of existing) regarding 28 cyber topics (Artificial Intelligence, Application security, Data security, cloud security, IAM, asset management, SWIFT etc..) that will be applicable to all group entities.

- Defining procedure based on the requirements defined.

- Ensure projects are delivered on defined timeline and meet high-quality standards (both technical precision and grammatical accuracy)

- Hosting and animation of workshops to share, discuss, and consult on these new cyber security requirements and procedure with worldwide group experts.

- Regularly report on the status of projects including challenges.

- Contribute to the definition/review of patterns (grouping) of these cyber security requirements, applicable to all group entities according to level of risk exposure, all within the group cyber security program to assess the maturity of the entities through Cyber Maturity Assessment (CMA).

- Contribute to the evolution of these patterns (inclusion of new cyber security requirements) as notable group programs progress (such as Zero trust, DLP, etc...)

- Contribute to the definition of evidence to provide in front of each cyber security requirement to be validated through CMA.

- Regularly discuss, share, and challenge BNP PARIBAS entities on applicable patterns.

- Contribute to the evolution of the group security program (cyber security requirements, evidence, and their assessment) within Group GRC IT tool.

- Perform the gap assessment with different regulations (EU GDPR, DORA etc.,) and propose new requirements to achieve compliance.

- Advance knowledge by completing necessary certifications at least one certification yearly (CISSP, CCSP, CCSK, CCNA etc.,).

- Minimum 7 years work experience

- Proven experience with cross-cultural & international working environment and collaborating with large and geographically dispersed teams.

- Advanced communication skills (Strong writing, editing, presenting)

- Ability to articulate technical concepts to non-technical stakeholders.

- In-depth understanding of cyber security and continuity frameworks and standards such as NIST, ISO27001, ISO ISO22301etc.

- Demonstrate a positive motivated attitude. Rigorous and an eye for detail.

- Ability to prioritize and multi-task with flexibility and adaptability.

- Ability to manage conflicting priorities and multiple tasks.

- Strong knowledge and understanding of current trends of cyber security.

- Industry certifications are preferred : CISSP, CISM, CRISC, CISA, ISO27001 LA, etc.

Skills Referential

Behavioural Skills:

Ability to synthetize / simplify

Active listening

Ability to share / pass on knowledge

Communication skills - oral & written

Transversal Skills:

Ability to anticipate business / strategic evolution

Ability to set up relevant performance indicators

Ability to understand, explain and support change

Education Level:

Bachelor Degree or equivalent

Other/Specific Qualifications

- MICROSOFT WORD (Proficient)
- MICROSOFT EXCEL (Proficient)