Key Responsibilities
* Execute IT and Cyber risk assessments across applications, projects, business processes, and third-party suppliers
* Identify, assess, monitor, and report operational IT and cyber risks in line with BNP Paribas Group policies
* Perform and coordinate IT & security audits on third parties and follow up on remediation actions
* Execute information security and IT control plans for suppliers to ensure contractual and regulatory compliance
* Define, implement, and maintain end-to-end Third-Party IT & Cyber Risk Management (TPRM) processes
* Produce clear and concise risk reports, dashboards, and one-pagers for management and senior stakeholders
* Review and validate IT and security contractual clauses for third-party suppliers
* Act as Single Point of Contact (SPOC) for delivered risk management services
* Provide consulting and advisory support to IT and Business teams on risk mitigation measures
* Contribute to the continuous improvement of risk management methods, processes, and tools
Required Experience & Skills
* Minimum 5+ years of professional experience in Information Security / IT & Cyber Risk Management
* Strong experience in Third-Party IT & Security Risk Assessments
* Solid knowledge of Information Security and Risk frameworks (ISO 27001, NIST, SOC, OWASP)
* Proven experience working in financial services or large, regulated environments
* Hands-on experience with operational and security risk management
* Strong understanding of cloud environments and cloud security risks (SaaS, AWS, HSP)
* Experience in process design, business analysis, and control implementation
* Knowledge of software development security best practices
* Experience with incident, change, release, and test management
* Excellent reporting, presentation, and stakeholder communication skills
* Fluent French and English (mandatory); fluent Dutch
* Bachelor’s or Master’s degree, or equivalent professional experience