Sr. Associate/Assistant Manager Cyber Resilience and Cyber Fraud

Job Description

Prepare for and respond to disruptive events (realized risks) in a manner that demonstrates command and control of incident response and crises, coordination and service continuity. Scenarios could include but not limited to Cyber Security Incidents, Technology/Systems Outage, People or Process Failures.Recover and restore mission-critical services and operations following an incident within the agreed risk appetite levelsThe above is achieved through main teams such as Cyber Resilience and Cyber Fraud, IT Resilience, Business Continuity Oversight, Crisis Management and Third Party Technology Risk Management. The Technology And Transversals department is part of the Group Risk ORM function within BNP Paribas. It is a part of the second line of defense under the Bank s Chief Operational Risk Officer. The department has responsibility for identification of key technology risks to the Bank and influencing business and technology partners to take sound risk management decisions.The Global Operational Resilience & Crisis Management program within GROUP RISK ORM is a critical component in ensuring the Group s ability to prevent disruptions to its critical services from occurring; continue to meet its objectives if a disruption or incident does occur and return to normalcy, when disruption or crisis is eliminated. This applies to Cyber, Technology, Supply chains, physical infrastructure and People.Operational resilience management includes planning, integrating, testing and governing activities to ensure that the group can identify and mitigate business and system disruption risks that could lead to before they occur.Prepare for and respond to disruptive events (realized risks) in a manner that demonstrates command and control of incident response and crises, coordination and service continuity. Scenarios could include but not limited to Cyber Security Incidents, Technology/Systems Outage, People or Process Failures.Recover and restore mission-critical services and operations following an incident within the agreed risk appetite levelsThe above is achieved through main teams such as Cyber Resilience and Cyber Fraud, IT Resilience, Business Continuity Oversight, Crisis Management and Third Party Technology Risk Management. Job Title:Assistant Manager Cyber Resilience and Cyber FraudDate:11/05/2022Department:RISKLocation:MumbaiBusiness Line / Function:Group RISK ORMReports to: (Direct) Head of ORTPRM, India CoEGrade: (if applicable)NA (Functional) Global Head of Cyber Resilience & Cyber FraudNumber of Direct Reports:NADirectorship / Registration:NAPosition Purpose
• Purpose:
Cyber Resilience and Cyber Fraud Technology Risk analysis are the main activities of the team. The team is composed of varying experienced members from all around the world. The role will be focused on supporting Cyber Fraud Tech Risk lead in delivery of cyber fraud risk objectives. However, it also involves a strong interaction within the team for delivery of projects such as intelligence and analytics capability. Furthermore, the role also involves interaction within other RISK function teams such as Crisis Management, RISK Intelligence, Anti-Fraud etc. and 1LoD ITRMG/ITG.Scope: Group/Global Responsibilities Direct Responsibilities The Cyber Resilience and Cyber Fraud Risk Analyst role within Tech and Transversal team is a key role within the Operational Resilience team focused on the following three missions:
• Anti - Cyber fraud Community: Play an active role in the day-to-day management of anti-Cyber fraud community comprising of cross-functional stakeholders such as Group CRO Office, CISO team, Compliance team and Data privacy team etc.
• Cyber Resilience opinion: Participate in the analysis of cyber resilience and cyber fraud documents by providing 2LOD Subject Matter Expert (SME) RISK opinion
• Cyber Resilience Project : Support the Cyber Resilience Tech RISK Lead in reporting of cyber resilience and cyber fraud activities to the senior stakeholders across the group
• Analysis of major incidents across the Group in (IT Production, Cyber, Data Breaches,) to provide a Risk opinion and check and challenge the 1LoD. Overall risk oversight on major disruptive incidents post-mortem and lessons learnt exercises
Contributing Responsibilities
• Build a thorough understanding of Global Cybersecurity posture of the Bank in order to provide high impact risk analysis to protect the firm.
• Provide IT & Cyber risk management (IT, Cyber, Operational Resilience) advisory and guidance to the stakeholders involved.
• Contribute towards the identification of KPIs for the Operational Resilience Dashboards. Publishing the dashboard on regular basis.
• You will be part of a global function with opportunities to participate in the Bank s global ICT Risk initiatives.
Technical & Behavioral Competencies Essential Functional Skills
• 5 - 7 years of experience in IT Risk and Cyber Security domains in a financial institution demonstrating a high-level of commitment and self-motivation.
• Strong demonstrated knowledge of cybersecurity, cyber risk and cyber threats
• Risk knowledge and awareness of risks combined with enthusiasm and a genuine interest in the role of Risk Assessment, Risk Analysis in business and providing Risk Opinion as a subject matter expert.
• Working knowledge of global threats to international cyber security, and conversant in the tactics, techniques and procedures used by cyber adversaries.
• Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate;
• IT knowledge
. Tools/technologies/methodologies
• Excellent understanding of Information Security
• A good understanding of large-scale technology infrastructure and SOC/CERT operations.
• Should have worked with Risk Management Tools
• Strong MS Office skills (core applications)
Mastery of delivering formal deliverables such as PowerPoint presentation, reports or procedures (Level : Proficient)
Specific Qualifications (if required)
• One or more Industry-recognized information Security certifications such as a university degree and/or CISSP, CEH or CHFI
, * Skills Referential Behavioural Skills : (Please select up to 4 skills)Attention to detail/rigorCommunication skills - oral & writtenAbility to Collaborate/TeamworkActive ListeningTransversal Skills: (Please select up to 5 skills)Ability to manage / facilitate a meeting, seminar, committee, trainingAbility to understand, explain and support changeAbility to inspire others & generate peoples commitmentAnalytical AbilityEducation Level: Bachelor Degree or equivalent Experience Level At least 5 years Other/Specific Qualifications (if required)Shift Requirements: Day

Keyskills :
it risktatsalesmisbankingdelivery of projects