Operational Resilience Officer CIB BNP Paribas Risk Hub

November 15, 2024

Operational Resilience Officer CIB BNP Paribas Risk Hub

Reference48316557

  • Permanent
  • ES-Madrid-Madrid
  • RISQUE
Apply for this job

GROUP BNPPARIBAS

BNPParibas Group is the top bank in the European Union and a major internationalbanking establishment. It has close to 185,000 employees in 65 countries. InSpain we are more than 5,100 employees within 13 business lines.

RISK HUB

RISK is anintegrated and independent control function of the BNP Paribas Group. It is thesecond line of defense on the risk management activities of the Group which areunder its direct responsibilities, including credit and counterparty risk,market risk, funding and liquidity risk, interest rate and foreign exchangerisks in the banking book, insurance risk, operational risk, and environmentaland social risks.

RISK aimsat being a partner of the businesses by contributing to their sustainabledevelopment, but also a gatekeeper to ensure risks taken remain compatible withthe Group’s Risk Appetite and its strategy. 

RISKIberian Hub Madrid is a transversal platform servicing the RISK Function bycovering added-value activities around credit risk, market risk, operationalrisk and data protection. Offering a wide range of services to RISK teams, fromconsulting to cyber security going through data analysis, modelling orartificial intelligence.

Business Area Overview

RISKOperational Risk Management (RISK ORM) CIB belongs to the second line ofdefence of BNP Paribas Corporate and Institutional Bank (CIB). It belongs tothe Risk Function (RISK) of BNP Paribas (RISK) and is placed under theresponsibility of the Chief Operational Risk Officer (CORO) for CIB. 

Thedepartment has responsibility for independently challenging and supervising theOperational Risk management of CIB activities (Global Banking, Global Markets,Securities Services, IT, Operations, Functions) on a worldwide scope. This isachieved through: framing operational risk methodology for CIB anddisseminating of risk management culture across CIB; assessing the adequacy ofthe CIB operational risk management set-up; controlling effectiveness of CIBcontrol environment; contributing to the detection, anticipation and responseto risks; alerting CIB and RISK stakeholders on any significant risk issue;providing a consolidated view on CIB operational risks profile. 

As thesecond line of defence for Operational Resilience, RISK ORM has theresponsibility for oversight and supervision on risks of achieving operationalresilience for CIB, ensuring and opining that appropriate operationalresilience efforts are underway and raise any alerts in case of issues to thestability of the Bank and influencing business, functions and technologypartners to take sound risk management decisions.

Purpose of the role

OperationalResilience is an outcome of sound risk management practices. The purpose of therole is to ensure that CIB achieves operational resilience following theprinciples and approaches from the regulatory requirements across the globe andany risks to achieving operational resilience are managed appropriately andtimely. The role exists to supervise and independently oversee the managementof both types of risks (operational resilience risks and risks to achievingoperational resilience)  

Scope of the role: Global CIB

Key Responsibilities of the role

Thecandidate will be responsible for supporting the development and implementationof the oversight framework for OperationalResilience activities of Securities Services that will includeBusiness continuity and crisis management

  • Framework: to review, analyse andchallenge the Securities Services Operational Resilience framework consistentlywith RISK ORM guidelines, and validate any exemption to these norms andstandards
  • Governance: to participate to thecommittees at CIB and 2S level regarding Operational Resilience, in liaisonwith RISK ORM CIB relevant teams
  • Risk Identification and Assessment: tochallenge and verify Securities Services risk identification, ensure theconsistency of “severe but plausible” scenarios and their quantification,conduct independent risk assessment (incident review, postmortem analysis…),and validate closure of permanent control actions
  • Risk Treatment and Decision: to oversee ofthe risk treatment process (risk acceptance, risk transfer, risk remediation)performed by Securities Services, key decisions, and remediation plans
  • Testing: to coordinate and performindependent challenge and testing of Securities Services controls onoperational resilience
  • Risk Reporting, Monitoring and Alert: tocontribute to RISK ORM 2S opinions on Operational Resilience risk profile forSecurities Services committees and reporting and to alert Senior Management andstakeholders on critical points for attention
  • Awareness / Training / Animation: to promoteand drive awareness on Operational Resilience across CIB; to assist inorganising risk meetings, forums and committees with community members

Skills and experience required

Successfulcandidate will have exposure to developing and implementing risk managementprograms in global organizations, with robust knowledge of technology, risks,architectures and related tools. Prior business continuity or IT continuity orthird party risk management experience (IT, Cyber, Vendor management etc.) andexposure to the Financial Services industry is a must.  Experience withGovernance, Risk and Compliance (GRC) tools and other risk managementinformation systems is preferred. 

This is astart-up role that will help create the function. An influencer and trustbuilder who can sell a value proposition is important. Negotiation and ConflictManagement skills an absolute must. The individual will assist in thepreparation /contribution to the development of independent testing controlsand support the wider RISK ORM CIB community globally in defining bettermaturity models for independent testing. Excellent presentation skills arenecessary. Experience interacting with regulatory agencies is a plus.

Specific requirements

  • Suitableexperience (8+ years preferred) in business continuity, operations, or IT continuity
  • Bachelordegree in Information Technology, Information Security, Business or RiskManagement (or equivalent professional qualification)
  • Teamplayer – focus on the success of the whole team. Working well both with others,as well as individually
  • Excellentstakeholder management skills
  • Experiencein a 2LoD, Risk function, operations or an IT Audit role
  • Goodlistening and analytical skills – being able to come to a thoughtful andbusiness focused conclusion quickly
  • Ability toco-operate and work well with others adopting an approachable style – Importantas we work closely with a large and diverse set of customers
  • Ability tosee the customer perspective, i.e. from a business point of view, the mostsecure solution is not always workable or realistic considering costs andbenefits
  • Demonstratinga calm professional approach, with a good understanding of delivery within timeconstraints and the need to escalate/inform departmental management asappropriate
  • Adaptingpersonal approach to suit situations, individuals, groups and cultures. Isflexible in relation to getting the job done
  • Takingaccountability for their actions and be open and honest when things have gonewrong, and celebrating successes when things have gone well
  • Beingrigorous and thorough – especially when logging and tracking issues through toconclusion
  • Ability tomanage their workload as to meet the realistic targets and priorities set inconjunction with management
  • Demonstratinga high-level of commitment and self-motivation, combined with enthusiasm and agenuine interest in the role of Risk Assessment in business
  • Ability toexpress views clearly and fluently, both orally and in writing. Considers theaudience, avoiding technical jargon wherever necessary and appropriate

Competencies

  • Goodknowledge of Business Continuity, IT Continuity and Audit methodology andconcepts
  • Understandingof the banking industry’s regulatory requirements on Operational Resilience(e.g., BoE supervisory statement, European DORA, BCBS papers on resilience andrisk)
  • Experienceworking with IT, business continuity, IT risk and audit teams
  • Ability toarticulate risk management concepts in business language
  • Excellentwritten and verbal communication skills
  • Proficientwith Microsoft Office Suite
  • Priorexperience documenting tool requirements to support risk management
  • Ability totravel to vendor sites and perform assessments as necessary
  • Provenability to manage issues through to resolution; skilled at making judgmentcalls
  • Ability tosuccessfully multitask and complete difficult assignments within deadlineswhich may have short lead times
  • Industrycertifications (e.g. CISA) or willingness to obtain the same
  • Worksiteratively, delivering quickly and frequently to produce high qualitydocuments and outputs which require little to no rework
  • Multilingualcapability: English is mandatory and French will be preferred

Conduct

  • Be a rolemodel, supporting and fostering a culture of good conduct
  • Demonstrateproactivity, transparency and accountability for identifying and managingconduct risks
  • Considerthe implications of your actions on colleagues, partners and clients beforemaking decisions, and escalate issues to your manager when unsure

OUR BENEFITS

  • Trainingprograms, career plans and internal mobility opportunities, national andinternational thanks to our presence in different countries
  • Diversityand Inclusion Committee that ensures an inclusive work environment. In recentyears, several employee communities have been created to organize diversity andinclusion awareness actions (PRIDE, We Generations and MixCity)
  • Corporatevolunteering program (1 Million Hours 2 Help) in which employees can dedicatetime out of their working hours to volunteer activities
  • Flexiblecompensation plan
  • Hybridtelecommuting model (50%)
  • 31vacation days

Diversity and inclusioncommitment

BNPParibas Group in Spain is an equal opportunity employer and proud to provideequal employment opportunity to all job seekers. We are actively committed toensuring that no individual is discriminated against on the grounds of age,disability, gender reassignment, marriage or civil partnership status,pregnancy and maternity/paternity, race, religion or belief, sex or sexualorientation. Equity and diversity are at the core of our recruitment policybecause we believe that they foster creativity and efficiency, which in turnincrease performance and productivity. We strive to reflect the society we livein, while keeping with the image of our clients.

Offers you may be interested in