- Ensure that all Information Security related authoritative sources are captured.
- Perform gap analysis to ensure that missing elements are integrated when & where relevant in the Information Security Policies by proposing the necessary change requests text.
- In collaboration with Legal determine the applicability of the source to the bank.
- Maintain a traceable inventory.
- Identify affected assets and processes upon policy changes;
- Attribute implementation responsibilities;
- Get implementers’ acceptance on the attributed implementation responsibilities;
- You will be the BNP Paribas Fortis Global Security SPOC for IT stakeholders in Belgium and France.
- You will analyse the IT technical standards and perform a mapping to BNPPF policy framework.
- Traceability being key, you will keep track of deviations and use your influence skills to convince stakeholders for a pragmatic resolution.
- You will report on the compliance status between policies and technical standards to Global Security, IT and Senior Management.
- 2-5 year experience in IT security technology and processes (secure networking, web infrastructure, Wintel, UNIX, Mainframe, ATM, etc.);
- Metrics definition and dashboards.
- Significant experience in operational/security risk management.
- 2 years’ experience in developing and maintaining policies and / or processes (preferably in IT area).
- Experienced with regulatory requirements, ISO/IEC standards (eg:27001 Information Security Management Standard,…), laws and regulations
- Hand-on experience in the performance of security risk assessments on Third-parties and applications.
- Knowledge of Information Security and Risk Management frameworks
- Tools: advanced knowledge and use of Office suite, SharePoint,…
- Coordination of / collaboration with externals resources.
- Certified ISO27001 Lead Implementer.
- Experience in designing and implementing controls.
- Knowledge of GRC Tools such as RSA Archer eGRC Suite.
- Working experience with colleagues of BNPP Group (Paris) & ready to travel on ad hoc basis.
- Project Management /coordination skills (Ability to run projects averaging 100-150 days mostly intra-team).
- 2-5 years’ experience in IT, Information Security environments.
- Capability to quickly understand end-to-end process flows and control needs.
- Experience in creating memos to the attention of senior management level.
If possible, preference will be given to candidate that have a good knowledge / practical experience of different bank entities / processes if possible.
- Quick self-starter, pro-active attitude, team player.
- Excellent English writing skills.
- Good Communication and influencing skills; ability to capture and adapt to stakeholder expectations.
- Good analytical and synthesis skills; ability to produce structured and concise documents
- Autonomy, commitment and perseverance in personal organization..
Ability to work in a dynamic and multi-cultural environment.
Results-oriented; high performer.
If you think that your profile fits to these requirements, please send us your CV by email at firstname.lastname@example.org, with the job title as reference in your email subject; or send it online.