Key Responsibilities
* Execute IT and Cyber risk assessments across applications, projects, business processes, and third-party suppliers
* Identify, assess, monitor, and report operational IT and cyber risks in line with BNP Paribas Group policies
* Perform and coordinate IT & security audits on third parties and follow up on remediation actions
* Execute information security and IT control plans for suppliers to ensure contractual and regulatory compliance
* Define, implement, and maintain end-to-end Third-Party IT & Cyber Risk Management (TPRM) processes
* Produce clear and concise risk reports, dashboards, and one-pagers for management and senior stakeholders
* Review and validate IT and security contractual clauses for third-party suppliers
* Act as Single Point of Contact (SPOC) for delivered risk management services
* Provide consulting and advisory support to IT and Business teams on risk mitigation measures
* Contribute to the continuous improvement of risk management methods, processes, and tools
Required Experience & Skills
* Minimum 5+ years of professional experience in Information Security / IT & Cyber Risk Management
* Strong experience in Third-Party IT & Security Risk Assessments
* Solid knowledge of Information Security and Risk frameworks (ISO 27001, NIST, SOC, OWASP)
* Proven experience working in financial services or large, regulated environments
* Hands-on experience with operational and security risk management
* Strong understanding of cloud environments and cloud security risks (SaaS, AWS, HSP)
* Experience in process design, business analysis, and control implementation
* Knowledge of software development security best practices
* Experience with incident, change, release, and test management
* Excellent reporting, presentation, and stakeholder communication skills
* Fluent French and English (mandatory); Fluent Dutch
* Bachelor's or Master's degree, or equivalent professional experience