IT Risk and Cyber Security Senior Officer
1 semana atrás
JOB NUMBER:
2402RSK17645)
About the job
- This role is in alignment with 2LoD involvement required on BNP Paribas dedicated hybrid Cloud that is core of Cloud Strategy.
1) Cloud technology risk and operational risk management framework including Cloud security controls, operational risk management procedures, standards and processes for identifying, assessing, monitoring, reporting and mitigating operational risks related to dedicated Cloud.
2) Periodic and ad hoc reviews of cloud security controls to ensure they are integrated and operating effectively by the cloud security risk profile solutions
3) Cloud risk register with Cloud security control and risk assessments integrated for Cloud risk reporting to CROs, operational risk officers of poles and entities, IT Group Cloud and Cloud security teams, Cloud service providers, internal and external auditors on operational risk matters.
Your Main Activities Are
- Lead and coordinate Cloud technology and operational risk identification, assessment, monitoring, reporting and mitigation activities for the dedicated Cloud using appropriate tools and methodologies
- Develop and maintain the Cloud technology and operational risk management framework, policies, standards, procedures and controls for the Dedicated Cloud services in alignment with BNP Paribas 1LoD and 2LoD risk management policies
- Coordinate and manage the Cloud technology and risk governance structure including committees, forums and reporting lines for the Dedicated Cloud services
- Periodic (weekly, monthly, quarterly, half yearly, annual) and ad hoc reports and dashboards on the Cloud technology and operational risk profile, trends, issues, incidents and remediation action plans for the dedicated Cloud services to senior management, risk management committees, supporting regulatory reporting, internal and external auditors
- Provide Cloud security expert advice and guidance to CRO, operational risk officers, IT Group Cloud program, Group CISO, IT Group production teams, cloud service providers, internal and external auditors on Cloud technology and operational risk matters including risk assessments, controls, testing, audits and remediation
- Participate in multiple Group Cloud program and operations governance committees for Cloud security controls and risk management with Operational Risk officers, IT Group Cloud Program, Group CISO, IT Group Production teams, Cloud service provider, Independent Software Vendors (ISVs) etc. covering topics of Cloud security & ICT risks, Cloud adoption, operational security, remediation actions, etc
- Coordinate with operational risk officers of poles and entities for move to Cloud technology and operational risks
- Review and update minimum baseline Cloud security controls in collaboration with IT Group Production security teams, Cloud security experts, Operational risk officers, ICT risk officers, etc
- Review and update process and workflow for monitoring and reporting of compliance to minimum baseline dedicated hybrid Cloud security controls on Cloud security posture management solutions in collaboration with IT Group Production teams, Cloud service provider, ICT risk officers, operational risk officers, etc
- Develop and identify and update risk reporting methods using automated solutions, leveraging existing or new solutions of Governance, Risk and Compliance (GRC) tools for dedicated hybrid Cloud services asset register, risk register, remediation tracking, etc. Cloud Security Posture Management solutions, operational risk management solutions, IT service management solutions, reporting & dashboard solutions, etc
- Overall high quality report writing, documentation and presentation for dedicated hybrid Cloud security topics of operational risk frameworks and operating models, cloud security baseline controls, identifying control gaps, residual risks, questions to identify root causes, risk implications, short term and long term remediation measures, recommendations and appropriate risk opinions
Profile and Skills to Success
- Good knowledge of ICT risks, IT Control, Information Security, Business Continuity, IT operations and IT Audit and assessment methodologies and concepts
- Experience working with ICT risks, business continuity, IT Management and operations, IT risk and IT audit teams
- Ability to articulate risk management concepts in business language
- Excellent written and verbal communication (English)
- Proficient with Microsoft Office Suite
- Prior experience documenting tool requirements to support risk management
- Ability to travel to BNP Paribas and vendor sites, and perform assessments as necessary
- Proven ability to manage issues through to resolution; skilled at making judgment calls
- Ability to successfully multitask and complete difficult assignments within deadlines which may have short lead times
- Ind
-
Risk And Cyber Analyst
1 semana atrás
Porto, Porto, Portugal Axians Portugal Tempo inteiroAt AXIANS we seek the right talent, for the right place. We work daily to involve our people in a collaborative and inclusive environment, with a culture of proximity. Also, part of our culture is our concern for the environment and the implementation of social and environmental corporate responsibility actions. This could be your opportunity to join a...
-
Senior Security Log Management Engineer
1 semana atrás
Porto, Porto, Portugal Infineon Technologies AG Tempo inteiroAre you a seasoned SIEM professional with hands-on Elastic Cloud Enterprise experience? Infineon's Cyber team is hiring, and we want you to be a part of it. Infineon's Cyber team spans across several countries around the world and covers Cyber Governance & Risk, Consulting, Security Monitoring, Incident Response & Digital Forensics and OT Security functions...
-
Senior It Security Tester
1 semana atrás
Porto, Porto, Portugal mgm security partners Portugal Tempo inteiroSenior IT Security Tester (m/f/d)Porto Porto, Porto District, Portugal We at mgm security partners have been supporting our customers in the security of their applications and systems for more than 15 years.With our colleagues in Munich, Berlin, Dresden and Đà Nẵng (Vietnam), we maintain a family atmosphere in which everyone contributes their individual...
-
Senior It Security Tester
1 semana atrás
Porto, Porto, Portugal Mgm Security Partners Portugal Tempo inteiroSenior IT Security Tester (m/f/d)Porto Porto, Porto District, Portugal We at mgm security partners have been supporting our customers in the security of their applications and systems for more than 15 years.With our colleagues in Munich, Berlin, Dresden and Ðà N?ng (Vietnam), we maintain a family atmosphere in which everyone contributes their individual...
-
Risk and Cyber Analyst
1 semana atrás
Porto, Porto, Portugal AxiansPT Tempo inteiroAt AXIANS we seek the right talent, for the right place. We work daily to involve our people in a collaborative and inclusive environment, with a culture of proximity. Also, part of our culture is our concern for the environment and the implementation of social and environmental corporate responsibility actions.This could be your opportunity to join a...
-
Information Security Officer
1 semana atrás
Porto, Porto, Portugal Euronext Tempo inteiroInformation Security Officer - Governance, Risk and Compliance page is loaded Information Security Officer - Governance, Risk and Compliance Apply locations Porto time type Full time posted on Posted 2 Days Ago job requisition id R15459 Key accountabilities Assisting with the implementation and maintenance of the Information Security Programme; Assisting...
-
Information Security Officer
1 semana atrás
Porto, Porto, Portugal Humana Portugal Tempo inteiroInformation Security Officer - Governance, Risk and Compliance - Porto I am representing a global client of mine in Porto.The opportunity is for an ISO to assist with the implementation and maintenance of the Information Security Programme as well as a host of other responsibilities.Required Skills 5+ years' experience in a specific Information security role...
-
Cyber Security Consultant
1 semana atrás
Porto, Porto, Portugal Infineon Technologies Tempo inteiroAs a Cyber Security Consultant, you will provide consultancy services on a wide variety of projects and to a wide variety of stakeholders with regard to cyber security and its requirements.In your new role you will:Participate in and facilitate meetings with IT and business project managers, project members and vendors;- Support the team with your technical...
-
Information Security Officer
1 semana atrás
Porto, Porto, Portugal Humana Portugal Tempo inteiroInformation Security Officer Governance, Risk and CompliancePortoI am representing a global client of mine in Porto.The opportunity is for an ISO to assist with the implementation and maintenance of the Information Security Programme as well as a host of other responsibilities.Required Skills5+ years' experience in a specific Information security role (e.g....
-
Information Security Officer
1 semana atrás
Porto, Porto, Portugal Humana Portugal Tempo inteiroInformation Security Officer Governance, Risk and CompliancePorto I am representing a global client of mine in Porto.The opportunity is for an ISO to assist with the implementation and maintenance of the Information Security Programme as well as a host of other responsibilities. Required Skills5+ years' experience in a specific Information security role...
-
Cyber Security Trainee
1 semana atrás
Porto, Porto, Portugal Infineon Technologies Shared Service Center, Unipessoal Lda Tempo inteiroAs a Cyber Security Trainee, you will work in an international team, being part of our Consulting Services for Cyber Security. You will work alongside your colleagues in a dynamic and flexible environment, providing support to improve globalcyber security processes and initiatives.In your new role, you will:Participate in various cyber security initiatives...
-
Cyber Security Trainee
1 semana atrás
Porto, Porto, Portugal Infineon Technologies Tempo inteiroAs a Cyber Security Trainee, you will work in an international team, being part of our Consulting Services for Cyber Security. You will work alongside your colleagues in a dynamic and flexible environment, providing support to improve globalcyber security processes and initiatives.In your new role, you will:Participate in various cyber security initiatives...
-
Cyber Security Specialist
1 semana atrás
Porto, Porto, Portugal FinTrU Tempo inteiroVacancy Name Cyber Security Specialist (VP)Vacancy No VN502Location City PortoOverview of Role FinTrU are expanding our Cyber Security team at FinTrU in Porto.We are looking for a Cyber Security Specialist to help safeguard our information system assets, help protect our systems by defining access privileges, control structures and resources, as well as...
-
Cyber Security Specialist
1 semana atrás
Porto, Porto, Portugal Vestas Tempo inteiroPower Solutions > Applications, Controls & Electrical > Platform Cyber SecurityCyber Security is part of Vestas Power Solutions designs and deliveries modern, secure and maintainable OT solutions. Aims to create value for Vestas and our customers with future solutions using latest technology and security trends in order to detect the potential threats before...
-
Cyber Security Specialist
1 semana atrás
Porto, Porto, Portugal Vestas Tempo inteiroPower Solutions > Applications, Controls & Electrical > Platform Cyber SecurityCyber Security is part of Vestas Power Solutions designs and deliveries of modern, secure, and maintainable OT solutions. Aims to create value for Vestas and our customers with future solutions using the latest technology and security trends in order to detect potential threats...
-
Senior IT Security Tester
1 semana atrás
Porto, Porto, Portugal mgm security partners Tempo inteiroWith our colleagues in Munich, Berlin, Dresden and Đà Nẵng (Vietnam), we maintain a family atmosphere in which everyone contributes their individual strengths and interests.Senior IT Security Tester (M/F/d):We offer you the unique opportunity to be part of the development of our branch from the very beginning and to leave your mark on the further...
-
it security risk management analyst
1 semana atrás
Porto, Porto, Portugal Sonae Tempo inteiroIT SECURITY RISK MANAGEMENT ANALYST (M/F)SonaeIT SECURITY RISK MANAGEMENT ANALYST (M/F)Full TimeWe are a company of all and for all. With a solid and inclusive foundation, MC maintains its focus on people, to make life simpler for customers, employees or community members. We create value with the contribution of everyone, we innovate at every step and we...
-
Cyber Security Engineer
1 semana atrás
Porto, Porto, Portugal Körber Pharma Packaging Ag Tempo inteiroSelect how often (in days) to receive an alert: We are Körber – an international technology group with more than 12,000 employees at over 100 locations worldwide and a common goal: We turn entrepreneurial thinking into customer success and shape the technological change. In the Business Areas Digital, Pharma, Supply Chain, and Technologies, we offer...
-
Banking Sector It Risk Analyst
1 semana atrás
Porto, Porto, Portugal Devoteam Portugal Tempo inteiroAt Devoteam, we believe that technology with strong human values can actively drive change for the better. Discover how Tech for People unlocks the future, creating a positive impact on the people and the world around us. We are a global leading player in Digital Transformation for leading organisations across EMEA, with a revenue of €1B. We believe in...
-
Information Security Officer
1 semana atrás
Porto, Porto, Portugal Euronext Tempo inteiroInformation Security Officer - Governance, Risk and Compliance page is loaded Information Security Officer - Governance, Risk and Compliance Apply locations Porto time type Full time posted on Posted 2 Days Ago job requisition id R15459 Key accountabilities Assisting with the implementation and maintenance of the Information Security Programme; Assisting...
