Operational Resilience Officer CIB

June 18, 2024

Operational Resilience Officer CIB

Reference12350538

  • Permanent
  • ES-Madrid-MADRID
  • RISK
Apply for this job

Business Area Overview

RISK Operational Risk Management (RISK ORM) CIB belongs to the second line of defence of BNP Paribas Corporate and Institutional Bank (CIB). It belongs to the Risk Function (RISK) of BNP Paribas (RISK) and is placed under the responsibility of the Chief Operational Risk Officer (CORO) for CIB.

The department has responsibility for independently challenging and supervising the Operational Risk management of CIB activities (Global Banking, Global Markets, Securities Services, IT, Operations, Functions) on a worldwide scope. This is achieved through: framing operational risk methodology for CIB and disseminating of risk management culture across CIB; assessing the adequacy of the CIB operational risk management set-up; controlling effectiveness of CIB control environment; contributing to the detection, anticipation and response to risks; alerting CIB and RISK stakeholders on any significant risk issue; providing a consolidated view on CIB operational risks profile.

As the second line of defence for Operational Resilience, RISK ORM has the responsibility for oversight and supervision on risks of achieving operational resilience for CIB, ensuring and opining that appropriate operational resilience efforts are underway and raise any alerts in case of issues to the stability of the Bank and influencing business, functions and technology partners to take sound risk management decisions.

Purpose of the role

    Operational Resilience is an outcome of sound risk management practices. The purpose of the role is to ensure that CIB achieves operational resilience following the principles and approaches from the regulatory requirements across the globe and any risks to achieving operational resilience are managed appropriately and timely. The role exists to supervise and independently oversee the management of both types of risks (operational resilience risks and risks to achieving operational resilience)  

Scope of the role: Global CIB

Key Responsibilities of the role:

  • The candidate will be responsible for supporting the development and implementation of the oversight framework for Operational Resilience activities of Securities Services that will include Business continuity and crisis management
  • Framework: to review, analyse and challenge the Securities Services Operational Resilience framework consistently with RISK ORM guidelines, and validate any exemption to these norms and standards
  • Governance: to participate to the committees at CIB and 2S level regarding Operational Resilience, in liaison with RISK ORM CIB relevant teams
  • Risk Identification and Assessment: to challenge and verify Securities Services risk identification, ensure the consistency of “severe but plausible” scenarios and their quantification, conduct independent risk assessment (incident review, postmortem analysis…), and validate closure of permanent control actions
  • Risk Treatment and Decision: to oversee of the risk treatment process (risk acceptance, risk transfer, risk remediation) performed by Securities Services, key decisions, and remediation plans
  • Testing: to coordinate and perform independent challenge and testing of Securities Services controls on operational resilience
  • Risk Reporting, Monitoring and Alert: to contribute to RISK ORM 2S opinions on Operational Resilience risk profile for Securities Services committees and reporting and to alert Senior Management and stakeholders on critical points for attention
  • Awareness / Training / Animation: to promote and drive awareness on Operational Resilience across CIB; to assist in organising risk meetings, forums and committees with community members

Skills and experience required

Successful candidate will have exposure to developing and implementing risk management programs in global organizations, with robust knowledge of technology, risks, architectures and related tools. Prior business continuity or IT continuity or third party risk management experience (IT, Cyber, Vendor management etc.) and exposure to the Financial Services industry is a must.  Experience with Governance, Risk and Compliance (GRC) tools and other risk management information systems is preferred. 

This is a start-up role that will help create the function. An influencer and trust builder who can sell a value proposition is important. Negotiation and Conflict Management skills an absolute must. The individual will assist in the preparation /contribution to the development of independent testing controls and support the wider RISK ORM CIB community globally in defining better maturity models for independent testing. Excellent presentation skills are necessary. Experience interacting with regulatory agencies is a plus.

Specific requirements

  • Suitable experience (8+ preferred) in business continuity, operations, or IT continuity
  • Bachelor degree in Information Technology, Information Security, Business or Risk Management (or equivalent professional qualification)
  • Team player – focus on the success of the whole team. Working well both with others, as well as individually
  • Excellent stakeholder management skills
  • Experience in a 2LoD, Risk function, operations or an IT Audit role
  • Good listening and analytical skills – being able to come to a thoughtful and business focused conclusion quickly
  • Ability to co-operate and work well with others adopting an approachable style – Important as we work closely with a large and diverse set of customers
  • Ability to see the customer perspective, i.e. from a business point of view, the most secure solution is not always workable or realistic considering costs and benefits
  • Demonstrating a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate
  • Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done
  • Taking accountability for their actions and be open and honest when things have gone wrong, and celebrating successes when things have gone well
  • Being rigorous and thorough – especially when logging and tracking issues through to conclusion
  • Ability to manage their workload as to meet the realistic targets and priorities set in conjunction with management
  • Demonstrating a high-level of commitment and self-motivation, combined with enthusiasm and a genuine interest in the role of Risk Assessment in business
  • Ability to express views clearly and fluently, both orally and in writing. Considers the audience, avoiding technical jargon wherever necessary and appropriate

Competencies

  • Good knowledge of Business Continuity, IT Continuity and Audit methodology and concepts.
  • Understanding of the banking industry’s regulatory requirements on Operational Resilience (e.g., BoE supervisory statement, European DORA, BCBS papers on resilience and risk)
  • Experience working with IT, business continuity, IT risk and audit teams
  • Ability to articulate risk management concepts in business language
  • Excellent written and verbal communication skills
  • Proficient with Microsoft Office Suite
  • Prior experience documenting tool requirements to support risk management
  • Ability to travel to vendor sites and perform assessments as necessary
  • Proven ability to manage issues through to resolution; skilled at making judgment calls.
  • Ability to successfully multitask and complete difficult assignments within deadlines which may have short lead times
  • Industry certifications (e.g. CISA) or willingness to obtain the same
  • Works iteratively, delivering quickly and frequently to produce high quality documents and outputs which require little to no rework
  • Multilingual capability (English and French) is preferred

Conduct

  • Be a role model, supporting and fostering a culture of good conduct.
  • Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks.
  • Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.

Skills and Experience Required:

Successful candidate will have exposure to developing and implementing risk management programs in global organizations, with robust knowledge of technology, risks, architectures and related tools. Prior business continuity or IT continuity or third party risk management experience (IT, Cyber, Vendor management etc.) and exposure to the Financial Services industry is a must.  Experience with Governance, Risk and Compliance (GRC) tools and other risk management information systems is preferred.

This is a start-up role that will help create the function. An influencer and trust builder who can sell a value proposition is important. Negotiation and Conflict Management skills an absolute must. The individual will assist in the preparation /contribution to the development of independent testing controls and support the wider RISK ORM CIB community globally in defining better maturity models for independent testing. Excellent presentation skills are necessary. Experience interacting with regulatory agencies is a plus


Diversity and Inclusion commitment

BNP Paribas Group in Spain is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity/paternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency, which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.

Offers you may be interested in