Technology Risk Manager

Full Time Science, Technology, Engineering and Mathematics

Job Overview

Job title: Technology Risk Manager

Job description: In a changing world, unprecedented challenges require unmatched talent. Join one of Montreal’s Top Employers in 2022. We are a dynamic and growing organization having its main establishment located in downtown Montreal and part of a leading international banking institution fully committed to building a more sustainable future. Note that the position may be in the Canadian Branch of BNP Paribas or in one of its subsidiaries based in Montreal.

The position at a glance

The Technology Risk Manager within the BNP Paribas RISK ORM ICT Organization at CIB Americas is responsible to provide independent oversight and strategic 2LOD guidance on Information Security and Cyber Risk Management domains across both direct and indirect areas of responsibility for the CIB Americas set of operating entities.

In this capacity, the role will report functionally to the Head of RISK ORM ICT, CIB Americas.
The day-to-day focus may vary depending on the requirements of the overall program across CIB Americas and may include: independent testing, review of IT or Business projects, risk assessment, risk reporting, check and challenge, development of new tools and methodologies, etc..

In detail

  • Establish himself / herself as the second line of defense subject matter expert for key stakeholders in matters related to Information Security and Cyber Risk Management for CIB Americas;
  • Prepare information to enable the governance committees in their management oversight of ICT risks;
  • Participate in relevant governance committees as a delegate of the Head of RISK ORM ICT;
  • Initiate timely escalations to the Head(s) of RISK ORM / ICT and Chief Risk Officer(s) where appropriate;
  • Counsel business unit managers (e.g. Front Office) on risk management issues to ensure awareness and accountability for ICT risks;
  • Collaborate with other 2LOD functions and teams across the Americas and Group on common priorities/projects (e.g. IHC-level processes, Group-level initiatives);
  • Participate in evaluating new products/changes/projects and assess the related ICT risks and impact to the organization’s risk profile e.g. in IT Validation Committees, Cloud Enablement Council etc.;
  • Manage, oversee or contribute to missions that are designed to evaluate ICT risk identification and effective and sustainable mitigation;
  • Provide leadership and subject matter expertise during response to major cyber incidents and crisis events and assist coordinate 2LoD engagement and response of crisis managers;
  • Analyze risk data from various sources (e.g. external events, control deficiencies, risk register) to identify and measure levels of risk, concentration, trends and patterns;
  • Work with 1LOD and 2LOD to recommend strategies that effectively treat the risks within the risk appetite (e.g. controls improvement to mitigate an ICT risk);
  • Perform check and challenge of 1LOD risk processes, data and outcomes (e.g. risk assessments, control evaluations, risk metrics, mitigation plans, risk acceptances, etc.), communicate risk opinions at various levels of management;
  • Once new/modified controls are in place, continue to monitor control effectiveness and the risk & control environment to determine whether incremental improvements are required to ensure that risk exposures are within acceptable limits;
  • Ensure adherence to ICT risk management standards and procedures, including and not limited to:

oDeveloping and issuing ICT / Operational Resilience risk management reports and risk opinions;
oMaintaining working papers to substantiate and ensure objective basis for the risk opinions

Qualifications

The strengths and skills that will help you succeed

The ideal candidate must demonstrate the following Experience, Competencies, Knowledge and Skills:

Qualifications and Experience

  • Practitioner experience in Information Security, Information Risk Management or Information Technology Risk Management
  • Minimum overall professional experience of 10 years or more in ICT / Operational risk management roles in matrix organizations, of which at least 7 years leading technical risk management activities
  • Bachelor’s degree in a technical discipline (Computer Science, Computer Engineering, Information Technology, Information Security, Information Systems etc. preferred). Master’s degree preferred
  • Professional certifications are preferred but not mandatory
  • French, Spanish or Portuguese language would be an asset

Behavior and Competencies

  • Demonstrated capabilities in engaging effectively with both senior management as well as operational teams in a highly matrixed organization
  • An execution and solution focused risk mindset with an ability to push the needle forward even within ambiguity or incomplete information
  • A keen sense of risk anticipation with attention to details and an ingrained ability to connect the dots and challenge status quo
  • Ability to multi-task without losing track of competing priorities; an operator who is comfortable being hands-on
  • A team player who can coordinate and drive consensus among different teams and stakeholders having varying view points
  • Demonstrated ability to build relationships, influencing and negotiations across diverse stakeholders across the 3 lines of defense
  • Demonstrated ability to work independently and within a team
  • Ability to demonstrate sound judgement and critical thinking

Knowledge and Skills

  • Demonstrated proficiency in the subject matter knowledge of Technology Risk Management, Information Security
  • Experience within a highly regulated environment such as financial services industry
  • Prior experience in developing frameworks and follow through with their implementation
  • Prior experience in managing operational risks especially those related to Information Security, Information Assurance, Information Risk Management, Data Risk Management
  • Key technical skills in multiple areas of expertise (more than one preferred): Networks and Network Security, Identity & Access Management, Data Management, Incident Management, Threat & Vulnerability Management, Penetration Testing, Cloud & Virtualization Technologies (IaaS, PaaS, SaaS), Application Security, Encryption Technologies and Key Management
  • Excellent presentation and communication skills, including ability to articulate complex issues and incorporate feedback through risk opinions. Ability to deliver actionable information to various audiences

What’s in it for you

In addition to competitive compensation, we offer flexible benefits including a family and spouse insurance program, a defined contribution pension plan and paid days for volunteering. Hybrid work arrangements, such as remote working up to 50% and flexible working hours are available for most positions. BNP Paribas provides excellent training and personal development programs, as well as opportunities for career development within the company and internationally.

To find out more about our range of benefits,

What you need to know

  • We will review candidates as they apply, so don’t wait to submit your application;
  • If you are selected to participate in the recruitment process, please inform Human Resources of any accommodations you may require. BNP Paribas will work with you to ensure that you are able to participate fully in the process;
  • You must be legally eligible to work in the Greater Montreal area and, if applicable, hold a valid work or study permit. Physical presence in BNP Paribas’ office(s) is an essential function of this position;
  • Given the vast majority of our clients, both internal and external, is based outside of Quebec and Canada, our positions require employees to speak another language than French – being English for most positions; other languages such as Spanish or Portuguese may be also specifically required and such will be clearly mentioned in the requirements of the position;
  • All BNP Paribas employees in Canada must be adequately vaccinated against COVID-19 on the date of hire, unless exempt for a reason protected by the Canadian Human Rights Act.

Diversity, Equity and Inclusion (DE&I) at the heart of our commitments

At BNP Paribas all employees are on an equal footing allowing us to create a work environment that values and respects people for their talents, skills and competences.

BNP Paribas recruits, employs, trains, compensates and promotes regardless of race, religion, colour, national origin, sex, disability, age, and other protected status (Employment Equity Act and Canadian Human Right Act).

To learn more about our DE&I commitments,

About us

BNP Paribas is the top bank in the European Union and a major international banking establishment. Present in 65 countries, with more than 190,000 employees, the bank holds key positions in several areas of banking and financial services.

BNP Paribas’ mission is to contribute to a responsible and sustainable economy by financing and advising its clients according to the highest ethical standards, while striving to respond to essential concerns in terms of the environment, regional development and social inclusion.

Since 1961, BNP Paribas has supported large Canadian companies and institutions in their business development by offering a full range of specialized financial services and investment products.

With over 1,200 employees, BNP Paribas in Canada continues to attract experts from diverse fields as well as ambitious young talent from around the world. We are proud to offer our employees a rewarding and international workplace where they can build their professional careers by honing their skills, meeting challenges and enriching their knowledge of the financial industry.

Our certifications and partnerships

  • Montreal Top Employer 2022
  • Women in Governance – Parity certified – Silver certification
  • CCDI Consulting Inc. (Canadian Center for Diversity and Inclusion)
  • Pride at Work Canada
  • Rainbow Accreditation issued by Canada’s LGBT+ Chamber of Commerce (CGLCC)
  • ROSEPH – Grouping of specialized organizations for the employment of persons with disabilities
  • IndigenousWorks

Do you want to discover other BNP Paribas offers in Canada?

Click here:

** Only selected applications that meet the requirements of the role will be contacted **

Company: BNP Paribas

Expected salary:

Location: Montreal, QC

Job date: Tue, 15 Nov 2022 02:36:40 GMT

Job Source: Careerjet.ca

Apply for this job
Share:

A job board that helps you to get the right job based on your skills and experience.

T&C

Terms & Conditions

Contact Us

info@firstnationswork.com