Vice President

17 hours ago


Mumbai India BNP Paribas Full time

Job Description

Description

Job Description RISK ORM ICT ISPL

Job Title

RISK Operational Risk Officer (ORO) ICT ISPL

Date

July 2025

Department

RISK ORM ICT APAC

Location:

Mumbai

Business Line / Function

RISK

Reports To

(Territory)

Head of RISK ORM ICT & COE

Head of RISK ORM ICT APAC

Grade

(if applicable)

(Regional)

Number Of Direct Reports

N/A

Directorship / Registration

No

Position Purpose

- Implementation, management and oversight of 2nd line of defense risk management framework within the Information and Communication Technology (ICT) space in India.

Key Responsibilities

RISK ORM ICT ISPL Governance & Oversight

- Provide IT & Cyber risk management oversight and advisory to the business, technical and operations groups
- Provide direction, support and oversight with respect to management of security and technology risks of core systems and applications
- Drive effective implementation and communication of Operational Risk Management policies and guidelines, in particular RISK ORM ICT related.

Risk management environment

- Identification & Assessment: Ensure that the identification and assessment of operational risks are effectively done across the organization by correlating input from Audit Findings, Internal Loss

Data Collection & Analysis, External Data Collection & Analysis, Risk Control Self Assessments, Business Process Mapping, KPIs & KRIs, Scenario Analysis, Quantified Measurement & Comparative Analysis

- Monitoring & Reporting: Implement a process to regularly monitor operational risk profiles and material exposure

to losses and provide appropriate reporting mechanisms to the board, senior management and the business lines. Data capture and operational risk reporting should be continuously enhanced and provide a feedback loop to enhance risk management policies, procedures and practices.

- Control & Mitigation: Improve the effectiveness of the Internal Controls program by reviewing the control environment, risk assessment process, control activities, information and communication and monitoring activities. Assess operational risk response strategies. Validate risk transfer options.
- Risk Disclosure: Provide updates on regulatory and financial disclosure while complying with external and regulatory

communications standards and disclosing the operational risk management framework of the bank in a manner that

complies with the formal disclosure policy approved by the board of directors. Defines approach for determining what

operational risk disclosures are made and the internal controls over the disclosure process. Implement a process to assess the appropriateness of the disclosure, including the verification and frequency.

Contributing Responsibilities

RISK ORM ICT

Governance & Oversight

- Contribute to the establishment of an IT & Cyber Risk Management program in the Bank and at ISPL within the

three lines of defense model in alignment with the Group Risk Management Framework

- Assist with establishing appropriate risk management governance committees, arrange agendas and chair meetings

as appropriate

- Assist with establishing and oversight of the Operational Risk Management infrastructure and ensure practices are

consistent with regulatory expectations and industry sound practices

Risk management environment

- Business Resiliency & Continuity: Oversee and drive the business resiliency and continuity plans to ensure the

ability of the Bank and at ISPL to operate on an ongoing basis and limit the losses in the event of severe business

disruption. Coordinate with the first and third lines of defense to test these plans to ensure coverage and adequacy.

Technical & Behavioral Competencies

- Professional qualifications relevant to Information Security (such as CISA, CISM or CRISC).
- Strong risk mindset with understanding of applicable regulatory requirements in financial services sector around

Information Security Risks (Technology Risk, Business Continuity Risk, etc.)

- Experience in managing Enterprise Risk and necessary Controls. Experience in the infrastructure security space.

Strong experience in Third Party Risk assessment process.

- Functional knowledge in below areas to cover endpoint, network devices, server and databases:

Security Architecture

Malware Protection

Identity & Access Management

Secure Configuration

Security Testing

Emerging Technology Security

- Good understanding of information security technologies and knowledge around network devices, servers, Firewall, IDS, IPS, SIEM, DLP, Proxy, Web / Email Content Filtering and Anti-Virus & Malware protection.
- Good understanding of vulnerability assessments and penetration testing and technologies associated with the capabilities.
- Good understanding of incident response and management capability for cyber incidents. Working knowledge of Regulatory requirements.

Competencies (Technical / Behavioural)

The successful candidate will have a proven track record in managing risk and technology in large/global organizations with robust knowledge of technology, risks and controls, IT and security architecture, operational resilience, and third party technology risk management. Prior ICT risk experience (IT, DR/BCM, Cyber security, Third Party, etc.) and exposure to Financial Services industry is a requirement. Experience with risk management tools and information systems is beneficial.

Skills Referential

Behavioural Skills

Decision Making

Client focused

Ability to collaborate / Teamwork

Attention to detail / rigor

Transversal Skills

Analytical Ability

Ability to manage a project

Ability To Develop Others & Improve Their Skills

Technical Skills

- Experience in business process re-engineering, experience with functional and enterprise technical architecture, good understanding of large-scale technology infrastructure.
- Understanding of emerging technologies e.g. IoT, Cloud, etc.
- Understanding of ISO 2700X series of standards and guidelines
- Significant experience in the field of Technology Risk Management, Operational Resilience, Cyber, Information Security and Crisis Management.
- Strong Risk mindset with understanding of applicable Technology Risk and Resilience regulatory requirements
- Proficiency in IT Service Management, Service Continuity domains
- Experience within a regulated environment such as financial services industry

Conduct

- Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks
- Consider the implications of actions on colleagues, partners and clients before making decisions and escalate issues to manager when unsure

Specific Qualifications Required

- Graduate or post-graduate qualification in ICT domains, risk management or control function
- 10 years or more experienceor practical understanding in IT, IT Security or other ICT domains required.
- Project management skills


  • Vice President

    2 days ago


    Hyderabad, India TERRA INTERNATIONAL MUN Full time

    Job Description Company Description Terra International MUN is the world's first sustainable Model United Nations conference, focusing on climate action and diplomacy. We host international conferences that bring together young leaders, diplomats, and changemakers to address pressing environmental and social issues. Our mission is to inspire the next...

  • Vice President

    1 week ago


    Mumbai, India Gobananas_Eventually Yours Full time

    About the JobRole:  Vice President – Business Development (BD) & Client Services (CS) (Full-Time)Location:  Mumbai (Andheri E) – Work from Office | 5-day workweekAbout the RoleAs the Sr.

  • Vice President

    1 week ago


    Mumbai, India Gobananas_Eventually Yours Full time

    About the JobRole:  Vice President – Business Development (BD) & Client Services (CS) (Full-Time)Location:  Mumbai (Andheri E) – Work from Office | 5-day workweekAbout the RoleAs the Sr.

  • Vice President

    2 days ago


    Noida, India Rivy Consumer Private Limited Full time

    Job Description Company Description Rivy Consumer Private Limited stands at the forefront of the cosmetics industry, proudly backed by the esteemed ISO 9001:2015 certification. Our company is fueled by an unwavering commitment to revolutionizing beauty and skincare, driven by our core values of innovation, quality, and empowerment. Understanding that...


  • Mumbai, Maharashtra, India dentsu Full time

    Dentsu is a network designed for what's next, helping clients predict and plan for disruptive future opportunities and create new paths to growth in the sustainable economy through five global leadership brands: Carat, Dentsu Creative, dentsu X, iProspect and Merkle, each with deep specialisms. Operating in over 145 markets worldwide with more than 66,000...


  • Mumbai, Maharashtra, India dentsu Full time

    Dentsu is a network designed for what's next, helping clients predict and plan for disruptive future opportunities and create new paths to growth in the sustainable economy through five global leadership brands: Carat, Dentsu Creative, dentsu X, iProspect and Merkle, each with deep specialisms. Operating in over 145 markets worldwide with more than 66,000...

  • Vice President

    1 week ago


    Mumbai, India Gobananas_Eventually Yours Full time

    About the Job  Role:  Vice President – Business Development (BD) & Client Services (CS) (Full-Time) Location:  Mumbai (Andheri E) – Work from Office | 5-day workweek  About the Role As the Sr.


  • Mumbai, India LOCKENE Full time

    Company Description Lockene is a powerful software designed to transform business operations by connecting businesses and customers through our top-rated CRM solution. With over 15 years of industry experience, Lockene offers comprehensive services and solutions in strategy, consulting, and digital. Our innovative approach aims to streamline and enhance...


  • Mumbai, Maharashtra, India LOCKENE Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    Company DescriptionLockene is a powerful software designed to transform business operations by connecting businesses and customers through our top-rated CRM solution. With over 15 years of industry experience, Lockene offers comprehensive services and solutions in strategy, consulting, and digital. Our innovative approach aims to streamline and enhance...

  • Vice President

    2 days ago


    Mumbai Metropolitan Region, India Rotaract Club of Mumbai Medico Marvels Full time ₹ 9,00,000 - ₹ 12,00,000 per year

    Company DescriptionThe Rotaract Club of Mumbai Medico Marvels (RCMMM) is a dynamic community of medical students and young professionals dedicated to making a positive impact in the healthcare sector and beyond. As part of the larger Rotaract organization, RCMMM offers its members opportunities to engage in service projects, develop leadership skills, and...