Apac Dlp Incident Investigation Analyst

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 18,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
Worldwide, BNP Paribas has a presence in 68 markets with more than 193,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
- excluding partnerships

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

**Position Purpose**:
The APAC DLP Incident Investigation Analyst reports to the APAC DLP Investigation & Remediation Lead and has strong IT security knowledge in different areas. The role focuses on investigating and remediating data leakage related alerts and incidents raised by different it security controls, users, and monitored channels.

**Responsibilities**

**Direct Responsibilities**
- Directly process various types of data breach incidents, collect evidence and coordinate every aspect of investigations using all available information sources
- While processing alerts and incidents, coordinate the work of different stakeholders, both local and regional
- Collect findings, identify root cause, and propose long‐term solutions which support business processes
- Liaise with IT support teams to gather additional evidence and access necessary data
- Prepare incident documentation ﴾notifications, assessments, reports, post‐mortem, etc.﴿
- Escalate issues in an effective manner and resolve them with managers and the rest of the team
- Work towards the established internal time frame and targets agreed with business stakeholders
- Gain an understanding of sensitive data within the organization, business processes, data life cycles, and data privacy requirements from business and regulatory perspectives

**Contributing Responsibilities**
- Contribute to the research activity which focuses on user behaviour analysis in order to enhance our ability to capture serious breaches and to customize awareness messages
- Proactively suggest new use cases based on investigation results and user behaviour analysis. Provide input to the Requirement Manager on the maintenance and design of DLP rules
- Suggest improvements of awareness campaigns, training sessions, workshops, for the various employee profiles
- Assist in designing and producing customized DLP reports, and contribute to the preparation of KPI and KRI for internal use and for management dashboards
- Partner with the Cyber Security team on monitoring and investigation
- Contribute to maintaining a reputation of excellence and professionalism vis a vis all senior management
- Actively contribute to BNPP Operational Permanent Control. Improve operational risk management, execute first‐level controls and partner with IT OPC for second‐level validation

**Technical & Behavioral Competencies**:
**Essential skills**
- Understanding of data protection challenges within a large organization
- Experience with Data Leakage Prevention, evidence gathering and analysis, and forensic investigations
- Prior exposure to IT Security
- At ease with engaging very various stakeholders for the purpose of assessing and remediating incidents

**Useful skills**
- Familiar with regulatory requirements on data privacy and data protection in main APAC countries
- Experience in an audit or a compliance role is a plus

**Behavioral competencies**
- Excellent interpersonal and communication skills
- Ability to propose innovative ideas and solutions
- Values and demonstrates integrity
- Possesses strong organizational and analytical skills
- Team player
- Takes initiative and is results driven