BNP Paribas
Website:
bnpp.lk
Job details:
Position Purpose:
The role is to provide both the Business Units and IT Management with the assurance and visibility that IT Controls are executed in a controlled and managed way. In addition to the specific responsibilities detailed below, the successful candidate will be expected to demonstrate understanding in other areas of Risk & Control Management including strategies surrounding Process Engineering, Configuration Management, Change, Incident & Problem Management, Non-Conformities and Corrective Actions Management, Risk Identification and Control, Project Management and Tools and Methods.
Responsibilities
Direct Responsibilities
- Conduct periodic controls assessments across process areas in scope. Raise any non-compliance and follow up of the corrective actions until closure.
- Liaise with global and local IT control areas to ensure their certification is timely and appropriate.
- Perform periodic Root Cause Analysis of process issues and non-compliances at Project and Application Domain level. Ensure that the exercise is planned, executed effectively and reported to appropriate level.
- Participate in minimising production risks and issues, including but not exclusively, by helping to devise, and by implementing, sufficient regular controls.
- Ensure appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified.
- The enforcement of Permanent Controls, providing ongoing risk & controls self-assessment status of the control environment.
- Contribute all relevant management information(KPIs/KRIs) to the various scope reports/dashboards.
- Assist with Historical Incident management process, including liaising with various stakeholders involved, root cause analysis and impact evaluation.
Contributing Responsibilities
- Contribute to the upkeep and maintenance of the ISPL Permanent Control Framework
- Maintaining relevant Operational Permanent Control (OPC IT) processes and procedures
Technical & Behavioral Competencies
• Good knowledge of IT Risk & Audit domain with focus on Internal and/or External Audits.
• Good understanding of IT Controls Framework and experience executing controls.
• Understanding of IT Software, IT Infrastructure and IT Service Management domain is a value add.
• Strong analysis & problem-solving skills
• Structured and methodical mindset
• Proactive approach with a strong ability to work on own initiative
• Ownership of work and commitment to delivery
• Can do attitude
• Team oriented (both local and global)
• Good interpersonal and communication skills
• Big picture awareness – make relationships between tactical issues and strategic options
• Client focused
• Pragmatic and creative approach
Specific Qualifications:
IT Background
Skills Referential (Required knowledge, skills and abilities)
Technical Skills:
- Technology Risk & Controls
- IT Risk Framework and Standards
- ISO 27001 Certified
- Understanding of key regulations
Behavioral Skills:
- Attention to Detail/rigor
- Communication skills – Oral & Written
- Personal Impact / Ability to influence
- Critical thinking
Education Level: Bachelors / Masters
Location: Mumbai/Chennai
Click on Apply to know more.