Information Security Professional

INFORMATION SECURITY PROFESSIONAL (JOB NUMBER: CIB006541) **About BNP Paribas Group**: **“BNP Paribas Group is a leading European bank with a strong global footprint across 72 markets and more than 202,000 employees.** The Group provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships”. **About BNP Paribas India Solutions**: Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas Group, a leading bank in Europe with an international reach. With delivery centers located in Mumbai and Chennai, we are a 24x7 global delivery center. We partner various business lines of BNP Paribas such as Corporate and Institutional Banking, Wealth Management, Retail Banking through three verticals - Information Technology, Operations and Finance Shared Services. **About Businessline/Function**: CIB Security & IT Risk provides information security services for the BNP Paribas Group. The IT Security Professional role is based in Mumbai and will work as part of a global team covering security risks and associated activities in multiple locations across EMEA, AMER & APAC. **Job Title**: Information Security Professional **Date**: 4 June 2019 **Department**: CIB Security & IT RISK **Location**: Infinity Mumbai **Business Line / Function**: **Reports to**: - (Direct)_ **Grade**: (if applicable) - (Functional)_ **Number of Direct Reports**: NA **Directorship / Registration**: NA **Position Purpose** - The purpose of the position is to help with the information security topics mentioned in the direct responsibilities._ **Responsibilities** **Direct Responsibilities** - Good Understanding of Information Security Concepts and Strategies.- Ability to liaise with cross functional stakeholders globally.- Knowledge of Data Classification and Data Masking Techniques and Mitigation Strategies.- Working knowledge of Data Security tools like Delphix, DLP, Titus, AbInitio, Archer, etc.- Well-verse in conducting Security Review, Assessments and providing recommendations.- Experience in developing content and conducting Security awareness training.- Experience in Process Improvement, Controls Enhancement and Reporting.- Good understanding of data protection regulations and impact on IT landscape- Providing advice and guidance to the Technology stakeholders on risk and control matters- Identifying key risk trends, issues and other insights requiring further investigation and following up with Technology as appropriate.- - Engaging with Firm wide risk and control groups, including internal audit and territory control teams - Working with Technology stakeholders (including Production Support and Development teams) to identify the top technology IT risks impacting the firm and formulating appropriate remediation strategies based on full understanding of business exposure and compensating controls. **Contributing Responsibilities** - Monitoring and oversight of existing IT risks, working collaboratively with stakeholders in ensuring plans are managed within timescales and escalating where appropriate. - Managing relationships with Business and IT teams, chairing periodic meetings and being a point of contact for escalating to wider team members. - Contribute relevant information technology risk information as required by group reporting. - Assistance with drafting of risk acceptance statements and coordinating sign-off from business and IT stakeholders. - SPOC for security architectures meetings. **Technical & Behavioral Competencies** - Excellent Inter personal and presentation skills - Strong project and resource management - Strong in verbal and written communication - Security understanding or experience in cryptography, key management, ciphers - Must be flexible, independent, self-motivated - Good analytical skills **Specific Qualifications **(if required) - CISSP or CISM or CRISC mandatory - Technical Graduate (Computer Science) Preferable. **Skills Referential** Behavioural Skills: Ability to collaborate / Teamwork Critical thinking Communication skills - oral & written Ability to deliver / Results driven Transversal Skills: Analytical Ability Ability to manage a project Ability to develop others & improve their skills Ability to manage / facilitate a meeting, seminar, committee, training Choose an item. Education Level: Bachelor Degree or equivalent Experience Level At least 7 years **Other/Specific Qualifications **(if required) **Primary Location**: IN-MH-Mumbai **Job Type**: Standard / Permanent **Job**: PROCUREMENT OR SECURITY OR FACILITIES MANAGEMENT **Education Level**: Bachelor Degree or equivalent (>= 3 years) **Experience Level**: At least 5 years **Schedule**: Full-time