CYBER FRAUD RISK MANAGEMENT SPECIALIST (2LoD) BNP PARIBAS CIB - RISK HUB

BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 68 countries, with more than 193, employees, including around 148, in Europe. The Group has key positions in its three operating divisions: Retail Banking, Investment and Protection Services, and Institutional Banking, which serves two client franchises: Clients and institutional investors. BNP Paribas and Institutional Banking is a globally recognised leader offering capital markets, securities services, financing, treasury, and advisory solutions.
RISK Operational Risk Management (RISK ORM) CIB belongs to the second line of defence of BNP Paribas and Institutional Bank (CIB). It belongs to the Risk Function (RISK) of BNP Paribas (RISK) and is placed under the responsibility of the Head of RISK ORM CIB, who reports to the CRO of CIB. The department has responsibility for independently challenging and supervising the Operational Risk management of CIB activities (Global Banking, Global Markets, Securities Services, Information Technology (IT), Operations and Functions) on a worldwide scope.
PURPOSE: Fraud risks, including but not limited to External Fraud and Internal Fraud, data leakage prevention due to fraud, fraud through suppliers, and frauds where customers are the victims, are a key topic for losses, reputational impact, and systemic operational risk for financial services. This role exists to supervise and oversee independently the management of such risks.
SCOPE: Global CIB (including BP2S) and with specific focus on Fraud risk related to cyber-crime.
RESPONSIBILITIES:
- Framework: To review, analyse and challenge the Fraud risk management framework and in particular the norms and standards, consistently with RISK ORM guidelines, and validate any exemption to these norms and standards.
- Governance: To assist in the preparation, organisation and secretariat of the committees at CIB level in relation to Fraud risk management, in liaison with relevant global RISK ORM teams including from CIB and other operating divisions.
- Risk Identification and Assessment: To challenge and verify Fraud risk identification, ensure the consistency of potential incidents quantification, conduct independent Fraud risk assessment (incident review, post mortem analysis), and validate closure of permanent control actions.
- Risk Treatment and Decision: To oversee the risk treatment process (risk acceptance, risk transfer, risk remediation) performed, give opinion in co-decision Committees (e.g. NAC/TAC or similar) escalating in case of disagreements, challenge and independently opine on CIB's Fraud risk profile, key decisions and remediation plans.
- Testing: To perform independent challenge and testing of CIB Fraud controls.
- Risk Reporting, Monitoring and Alert: To validate Fraud risk monitoring; to provide independent Fraud risk reporting and a consolidated view to CIB and RISK management and supervisors; to support management on incidents and crisis management (e.g. Fraud events); to alert Senior Management and stakeholders on critical points for attention.
- Awareness / Training / Animation: To promote and drive awareness on Fraud risks across CIB; to assist in organising risk meetings, forums and committees with community members.

EXPERIENCE, QUALIFICATIONS & COMPETENCIES:
Skills and Experience Required:
- Suitable experience (5+ preferred) in any of the disciplines Fraud risk management, fraud examinations, IT risk management or IT continuity.
- Bachelor degree in Information Technology, Information Security, Business or Risk Management (or equivalent professional qualification).
- Ability to independently investigate complex cases including cyber security incidents, intellectual property theft, fraud and abuse, asset misuse, and violations of policy.
- Team player focused on the success of the whole team.
- Experience in a 2LoD, Risk function, operations or an Internal Audit role.
- Good listening and analytical skills, being able to come to a thoughtful and business-focused conclusion quickly.
- Ability to see the customer perspective, i.e. from a business point of view, the most secure solution is not always workable or realistic considering costs and benefits.
- Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate.
- Adapting personal approach to suit situations, individuals, groups and cultures.
- Taking accountability for their actions, being open and honest when things have gone wrong, and celebrating successes when things have gone well.
- Being rigorous and thorough, especially when logging and tracking issues through to conclusion.
- Ability to manage their workload so as to meet the realistic targets and priorities set in conjunction with management.
- Demonstrating a high level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business.
- Ability to express views clearly and fluently, both orally and in writing.
- Good knowledge of internal and external fraud risk management, cyber security, IT concepts.
- Understanding of the banking industry's regulatory requirements on Fraud and ICT.
- Ability to articulate risk management concepts in business language.
- Excellent written and verbal communication skills.
- Proficient with Microsoft Office Suite.
- Prior experience documenting tool requirements to support risk management.
- Ability to travel to vendor sites and perform assessments as necessary.
- Proven ability to manage issues through to resolution; skilled at making judgment calls.
- Ability to successfully multitask and complete difficult assignments within deadlines which may have short lead times.
- Industry certifications (e.g. ACFE, CISA, CRISC) or willingness to obtain the same.
- Multilingual capability with English proficiency (- French or Spanish) is preferred.

Conduct: Be a role model, supporting and fostering a culture of good conduct. Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks.