BNP Paribas Personal Finance
Madrid, Community of Madrid, Spain
hace 4 días

We are looking for an IT Risks & Cyber Shared Services Centre Manager , responsible for providing a coordinated corporate support function to BNP Paribas Personal Finance entities, both local and international, for IT Cybersecurity and Operational Risk management processes.

He / she will also provide advice and user support across the Organization on the use of IT Risk and Cyber tools and systems.

The Shared Services Centre manager consolidates administrative functions to deliver in a cost-effective manner, promoting operational efficiencies and services improvements.

A technical focus :

  • Delivery of IT Risk & Cyber services in contribution to identification, evaluation, treatment, monitoring, reporting and closing of IT operational risks.
  • A non-exhaustive sample of key IT Risk & Cyber operational processes and activities to contribute to are : Vulnerability management, Penetration tests, Identity & Access Management, 3rd-party due diligence, Monitoring of risk treatment (action plans), Reporting the risk exposure (by asset, by entity, by territory ), .

    The main responsibilities of the position will be :

  • Oversees service delivery and the day-to-day operations of the SSC, ensuring that all standards are met and procedures are followed.
  • Establishes priorities and schedules of main activities

    Reviews and monitors SSC-related services to identify trends and problem areas, reporting on risks, key performance indicators and proposed corrective action or new approaches

    Develops and implements new working methods and procedures of the SSC; recommends procedural changes to improve SSC efficiency and ensures appropriate implementation of decisions made by senior management

    Prepares and monitors the SSC budget

    Oversees and ensures the smooth functioning of information systems required to deliver the services and the definition and implementation of changes required to maintain the systems operational and fit for purpose.

    Supports system deployment activities to ensure smooth adoption by clients of the Centre

    Defines and ensures the implementation of Service Level Agreements; sets standards for quality and ensures that operational activities are implemented in accordance with recognized procedures and guidelines and meet the established standards

    Establishes quality control mechanisms such as client surveys, periodic data quality assurance reviews, error escalation procedures

    Plans and develops SSC communication strategy and capacity development; develops procedures and guidelines for use by the SSC customers in order to ensure clarity, accuracy, consistency and accountability and to sustain and increase public awareness of SSC core activities

    Establishes and maintains close working relationships with functional Divisions / Offices at HQ, liaising on issues in the implementation of established policies and escalating to policy owners any issue requiring policy related decisions

    As part of the IT Risk Office management team, contributes to and oversees the delivery of multi-disciplinary programs, policies, products, and services and prepares a variety of plans, strategies, reports and proposals

    Performs other duties as required

    Requirements :

    Advanced University degree in Computer Science, Information Security, Business Administration and / or Management

    5 years of relevant experience in coordinating, leading and / or managing operations and administrative activities

    Previous experience in providing structured services to clients

    Fluent English. Good working knowledge of French and any other European language are considered a +’

    Good understanding of Operational Risk Management principles, European GDP Requirements

  • One of CISM, CISA, CRISC, CISSP or equivalent certifications is a must
  • Inscribirse
    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", doy mi consentimiento para que neuvoo procese mis datos de conformidad con lo establecido en su Política de privacidad . Puedo darme de baja o retirar mi autorización en cualquier momento.
    Formulario de postulación