BNP Paribas is a leader in the Eurozone, and a prominent international banking institution with strong roots in Europe's banking history. It has a presence in 71 countries, with 200 000 Employees ? including more than 150 000 in Europe and 6 000 in Portugal alone.

BNP Paribas is present in Portugal since 1985, having been one of the first foreign banks to operate in the country. Today, the Group has several entities operating directly in this territory, offering a wide range of integrated financial solutions to support its clients and their businesses.

Thanks to its international presence and regular and close collaboration among its businesses, BNP Paribas has the resources to support all clients - individuals, entrepreneurs, SMEs, large corporates, institutional investors and community organisations - with financing, investment, savings and protection solutions that help make their projects a success. BNP Paribas holds key positions in its three core operating divisions: Domestic Markets and International Financial Services for retail banking and specialised financial services, and Corporate & Institutional Banking for corporate and institutional clients.

The Information and Communications Technology Risk department (RISK ORC ICT) is part of the Group RISK Functions within BNP Paribas. It is a part of the 2nd Line Of Defence (2LOD) under the Bank?s Chief Operational Risk Officer. The Global Operational Resilience program within RISK ORC ICT is a critical component in ensuring the group?s ability to prevent disruptions to its critical services from occurring, continue to meet its objectives if a disruption or incident does occur and return to normalcy, when disruption or crisis is eliminated. This applies to Cyber, Technology, Supply chains, physical infrastructure and People.

Operational resilience management includes planning, integrating, testing and governing activities to ensure that the Group can:

• Identify and mitigate business and system risks that could lead to disruptions at Group level before they occur.

  
  

• Prepare for and respond to disruptive events (realized risks) in a manner that demonstrates command and control of incident response, coordination and service continuity. Scenarios could include but not limited to Cyber Security Incidents, Technology/Systems Outage, Third Party Suppliers, People or Process Failures.

  
  

• Recover and restore mission-critical services and operations following an incident within the agreed risk appetite levels.

  
  

The above is achieved through main teams such as Cyber Resilience (Detection, Cyber Fraud), IT Resilience, Business Continuity and Crisis Management, Third Party tech Risk.

BNP Paribas is looking for a Business & IT Continuity Risk Officer who will be will be responsible for assisting with the oversight of the Operational Resilience (second line of defense) framework and in particular for Business and IT Continuity, globally for the Group.

ROLE AND RESPONSIBILITIES

As part of the Group Operational Resilience & Crisis Management team within the Global Iberian Centre of Excellence (CoE), the position of Business & IT Continuity Risk Officer will report directly to the Head of Iberian CoE and to the Global Head for Business & IT Continuity and Third Party Technology Risk Management.

The Business & IT Continuity Risk Officer will be responsible for working with the Global Head in coordinating and executing resilience proving ?events? within a defined process that the Bank's technology infrastructure, applications and services meet our internal and external Operational Resilience requirements, and Business and Service Continuity controls. This will involve working very closely with various internal stakeholders, collectively covering the bases of End-to-End Continuity of Business and Services.

This role would require the person to focus on coordinated recovery across the group entities and divisions for various threat scenarios at global scale.

• Manage the design, delivery, testing of the Business & IT Continuity and Operational Resilience 2LOD framework, standards and associated controls

  
  

• Independently identify, assess, report and escalate material risks related to continuity of business and services as appropriate.
  

• Provide active advisory, partnership, challenge or approval to applicable risk owners and 1LOD BC and IC teams to ensure appropriate prioritization and resolution.

  
  

• Partner with 1LOD BC and IC teams and perform relevant 2LOD thematic or issue based deep dives.

  
  

• Manage assurance/oversight of Business & IT Continuity directly owned controls and in-directly owned Resilience controls and ensures these controls are tested for operational effectiveness.
  

• Contribute to the design, development and specification of new/redesigned Operational Resilience (including Information Security, Business Continuity, IT Continuity and third party technology) processes, systems, information, risk controls, testing regimes, documentation and supporting materials

  
  

PROFILE

• Significant experience in the field of IT Continuity, IT Disaster Recovery, Business Continuity and Operational Resilience Risks.

  
  

• Strong Risk mindset with understanding of applicable Business Continuity and Operational Risk regulatory requirements in financial services sector.

  
  

• Must be able to interface and coordinate work efficiently and effectively with business and technology partners.

  
  

• Excellent communication and influencing skills, including ability to articulate complex issues and incorporate feedback.

  
  

• Proficiency in Risk & Control Assessments, Thematic Deep Dives.

  
  

• Ability to co-operate and work well with others adopting an approachable style.

  
  

• Good team player, Strong stakeholder management, relationship building, influencing, facilitating and presenting skills.

  
  

• Good listening and analytical skills ? being able to come to a thoughtful and business focused conclusion quickly.

  
  

• Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.

  
  

• Taking accountability for their actions and be open and honest when face constrains or things have gone wrong, and celebrating successes when things have gone well.

  
  

• Being rigorous and thorough ? especially when logging and tracking issues through to conclusion.

  
  

• Ability to manage their workload as to meet the realistic targets and priorities set in conjunction with management.

  
  

• Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role;

  
  

• Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate.

  
  

• Fluent in English (mandatory) and French (desirable)

  
  

• Experience within a highly regulated environment such as financial services industry.

  
  

• Has the proven ability to think outside of the box, challenge industry norms and adapt quickly to evolving requirements.

  
  

• Excellent in the ability to understand how and why processes and solutions are designed to deliver specific outcomes.

  
  

• Is self-aware, anticipates problems, adapts and meets them head on.

  
  

• Minimum 4 to 7 years of experience in the field of Technology Risk Management, Operational Resilience and Business & IT Continuity.

  
  

• Professional qualifications relevant to Operational Resilience, Cyber Security and Business Continuity such as a university degree, MBCI, CBCP, CISM or CRISC.

  
  

• Be a role model, supporting and fostering a culture of good conduct and data protection.
  

• Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks.

  
  

• Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.

  
  

Please note that only applications submitted in English will be considered.

In case you are selected for this role, further documentation will be requested to support your hiring process.

BNP Paribas is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.