Apac IT Security Risk Manager

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 18,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.

Worldwide, BNP Paribas has a presence in 68 markets with more than 193,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.
- excluding partnerships

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

**POSITION PURPOSE**:
Provide security consulting for IT and other stakeholders in the region.
Provide security approvals for new and evolving changes to the environment

**Responsibilities**

**Direct Responsibilities**
- Responsible for security risk assessments and treatment/ controls on new and existing IT assets to ensure strong risk management strategies, tools, frameworks and standards are in place
- Work with various stakeholders to ensure IT assets acheive and continually retain compliance to BNPP security policies, APAC territory regulations, and security best practices.
- Identify and provide analysis and recommendations for IT security risks, and track corrective actions performed by the business thru risk exception process.
- Assess for potential risks to changes in the environement and provide security approvals accordingly.
- Provide accurate and timely reports to demonstrate individual and team activities and progress
- Work closely with IT and business representatives to drive risk assessment and remediation

**Contributing Responsibilities**
- Provide consultation on security policies and general best practices
- Participate in audits to establish compliance with security policy and APAC country regulations
- Contribute to individual, team, and security function continuous improvement projects.**TECHNICAL & BEHAVIORAL COMPETENCIES**:

- Have good understanding of industry APAC regulations i.e. MAS TRM, HKMA, FSA, etc.
- Have general knowledge on emerging technologies such as Fintech, Mobile & Virtualization.
- Must have demonstrable previous IT Security experience in risk management, audits/compliance, security system development, and/or operations. Vulnerability/ Patch Management experience is a plus.
- Must have direct IT and business stakeholders management in a confident and responsive manner. Previous security sales and/or team management experience should be highlighted.
- Must have excellent English oral and written communication. French, as well as other languages used in APAC should be highlighted.
- Must be motivated, and able to work independently as well as part of a team and must demonstrate ethical responsibility, maturity, and discretion

**SPECIFIC QUALIFICATIONS (IF REQUIRED)**:

- The following certification(s), or equivalent experience, are preferred: CRISC, CISM, CISA, CISSP, ITIL, GCCC

**PRIMARY LOCATION**

**SG-06-Singapore**

**JOB TYPE**

**Standard / Permanent**

**JOB**

**SECURITY OR FACILITIES MANAGEMENT**

**EDUCATION LEVEL**

**Short-cycle tertiary education**

**EXPERIENCE LEVEL**

**At least 5 years**

**REFERENCE**

**ITO002417**

**APPLY**

***
- (REF: ITO002417)