Australasia and Apac Securities Services IT Risk

As the leading European Union bank, and one of the world’s largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance.

We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued and encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity, religion applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo.

**BNP Paribas PRIDE** is highly active in favour of the LGBTQIA+ community
**BNP Paribas MixCity** which fosters better representation of women at all levels of the organization
**Ability**, the mutual aid network for employees with a disability or a disabling or chronic illness
**BNP Paribas CulturAll** which celebrates diverse backgrounds

BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions.

More information

You must accept the "Social media and content sharing cookies" to see this content.

**COOKIES SETTINGS**

You must accept the "Social media and content sharing cookies" to see this content.

**COOKIES SETTINGS**

Award Obtained
BNPP has won Top employer Europe award in a 10th consecutive year

**What is this position about?**

As per BNP Paribas internal control charter, operating IT entities, and first and foremost their managers, are accountable for the risks they are exposed to given the businesses or services they run or deliver.
In this respect, and in full compliance with regulations applicable at group level and at entity level, and in line with group’s norms and requirements, the Australasia and APAC Securities Services IT risk manager is needed for the following risk management activities for the Territory and APAC Securities Services

Assist in identifying and assessing operational IT risks the entities are exposed to.

Ensure the risk monitoring and mitigation framework is within the defined risk appetite

Ensure the implementation and continuous adaptation of the risk framework

Ensure proper awareness of the risk framework for all IT teams

Provide consistent risk monitoring & registration tools

Provide risk management information and reporting to eligible bodies

**What would be your typical day at BNPP Paribas look like?**

**Primary Role Responsibilities**

**IT Risk**

The management and reporting (to eligible bodies) of ICT risks (with if-needed associated risk acceptances, risk profiles,) through both yearly RCSA realization and ad hoc risk assessment on his/her perimeter in accordance with the ICT risk taxonomy.

The organization of Function/Métier/Region IT risk committee at least twice a year

Support Australasia local regulatory inquiries and provide audit support

Support Securities Services IT audit inquiries across APAC

**IT Incident**

The proper collection and analysis of IT historical incidents, the validation of Métier/Region IT incidents input into the dedicated Group system, based on CIB standardized criteria, the contribution to the definition and follow-up of associated action plans in addition to regular reporting ;

The contribution to the quantification of Métier/Region/IT potential incidents

**IT Control**

The deployment and reporting (at minimum the major ones) of IT controls (OPC and operational, standard and/or specific) identified to mitigate the risks ;

The bi-annual production of the ICT Permanent control report based on provided templates and signed by the CIO/CTO of the perimeter (business/region)

Identify specific controls for region and/or specific entity within the region to meet Regulatory requirements, IT business units requirements and analysis of controls results

Continuously improving the control framework to provide assurance that the internal controls meet best practices and regulatory requirements as appropriate

**IT Recommendation**

The overall follow-up and reporting (figures, alerts, etc.) of IT recommendations implementation in his/her scope (IG/Regulator/external/Permanent Control actions/Independent consultant) in order to meet the Group objectives;

Follow-up of APAC IT recommendations and findings (IG/Audit/regulator) stock in accordance with the Group/CIB objectives

**Continuous improvement**

Identify controls (Level 1 and 2) for APAC and/or specific entity with APAC IT Business Unit based on the, requirements from IT teams, Regulatory requirements, analysis of controls results

Formalize / Design the new IT controls for APAC and organize the validation session with IT Business units