IT Security analyst

January 7, 2022
Employment contract
Standard / Permanent
Location
CA-QC-Montréal
Job / Mission
INFORMATION TECHNOLOGY
Reference
IT-010722-SB-001
Apply for this job

At BNP Paribas Canada, it is our employees which make the difference… Our 75 nationalities are part of our diversity!

Do you like challenges, a structured framework, the prospect of optimizing and innovating? You are known for your originality and want a certain freedom to think while sharing your knowledge and ideas?

… Come help us contribute to the growth of our Canadian platform!

You will benefit amongst other things from:

  • Access to social volunteer and recreational programs, via our many Employee Resource Groups (ERGs)
  • Opportunities for career development through active internal mobility and our innovative training program: Canada Academy
  • A brand new workspace, flexible, comfortable and easily adaptable to your needs: remote work opportunities, standing desks, innovation lab., open meeting rooms and spaces

REPORT TO

Head of Third Party Security

MISSION AND OBJECTIVES

There are many different types of third party services including: consulting services, legal services, trade processing or clearing, software providers, and application hosting.  The Third Party Security Assessment team is responsible for performing Information Security due diligence assessments on the 3rd party vendors used by BNP and managing the information security risks associated with each vendor relationship.

MAIN RESPONSIBILITIES

  • Work with Third Party Management Office (TPMO) and Business Relationship Managers to understand and clarify the inherent risks posed by third parties to BNPP.
  • Define scope and perform assessments based on inherent risk of services provided using questionnaire and control program similar to the SIG / SCA.
  • Review assessments performed by offshore team or 3rd party and provide feedback.
  • Define appropriate risk levels and corrective actions for issues identified.
  • Report on assessment outcomes, risk level and associated recommendations.
  • Present issues to 3rd parties and obtain corrective action plans.
  • Input corrective action plans into system.
  • Follow up on corrective action plans and review evidence for closure.
  • Provide metrics on a regular basis (KPI / KRI).
  • Assist in continuous monitoring of vendors.
  • Periodically reach out to vendors hosting our data regarding current threats to ensure they are taking necessary steps to reduce exposure.
  • Update procedure documentation to incorporate process changes.

REQUIREMENTS

TRAINING AND OCCUPATIONAL EXPERIENCE

  • Bachelor of Computer Science degree from an accredited college or university, or equivalent work experience
  • CTPRP, CISSP, CISM or CISA certification preferred

ESSENTIAL SPECIFIC REQUIREMENTS

  • Fluent in Spanish and Portuguese
  • Minimum 7 years professional work experience, including a minimum of 3 years in an Information Security, IT Risk or IT Audit.

SKILLS AND BEHAVIOURS

  • Strong written/verbal communication skills, and organizational and work documentation proficiency
  • Good communicator with demonstrated ability to pass messages in a clear and concise manner
  • Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict deadlines
  • Ability to coordinate actions from several different teams
  • Experience performing IT audits or IT security risk assessments

About BNP Paribas

With more than 200,000 employees in 72 countries, the Group serves nearly 32 million individual customers and 850,000 professionals, entrepreneurs, SMEs and large companies. BNP Paribas is a leading bank in the euro zone and a leading international banking player.

Did you know? In 2019, BNP Paribas named World’s Best Bank for Corporate Responsibility 2019

About BNP Paribas in Canada

With more than 900 employees, BNP Paribas Canada continues to attract experts from diverse fields as well as ambitious young talent from around the world. We are proud to offer our employees a rewarding and international workplace where they can build their professional careers by honing their skills, meeting challenges and enriching their knowledge of the financial industry.

A recruitment policy that promotes equality and diversity:

BNP Paribas is an equal opportunity employer. BNP Paribas recruits, employs, trains, compensates and promotes regardless of race, religion, color, national origin, sex, disability, age, and other protected status (Employment Equity Act).

Part of BNP Paribas dedication to diversity, multiculturalism and inclusion is clearly reflected on how we believe and live diversity and inclusion all together. As such, one of BNP Paribas’ initiatives is hosting Employee Resource Groups (ERGs) which are focused on equality of gender, sexual orientation and learning from other cultures. 

We can assist with access to job offers for people with disabilities who may be unable to use our career site – please contact us by email canada_recrutement@ca.bnpparibas.com  or by phone on 514-285-6000

Want to know more about the BNP Paribas Group?

https://group.bnpparibas/en/group

** Only selected applications that meet the requirements of the role will be contacted **