Cyber Risk Analyst

The APAC Data Protection Services team is responsible for the protection of all APAC Business Lines and Functions against the risk of data loss, data leakage and data breach. Within the team, the DLP Control Specialist responds to requirements from Group Cyber Defense, regulators and business lines by implementing appropriate DLP controls using a range of tools approved by the Bank.

The Senior Cyber Risk Analyst uses functional and technical skills to create effective and efficient solutions aligned with design guidelines, test them and deliver them under the supervision of the DPS Business Analyst & CCCO and ITO CCCO AI Catalyst.

The Senior Cyber Risk Analyst is a key interface with business CISOs, local CISOs as well as business lines representatives to understand their needs and provide them with the best response.

• Assist stakeholders in understanding data privacy and data confidentiality requirements from business and regulatory standpoints
• Endeavor to meet regulatory and TRM guidelines as they apply to data security throughout data life cycle
• Collect reference data sources to be used in DLP controls. Whenever such reference data is not available, suggest automated algorithms to create inventories of ‘trusted’ data
• Set up and conduct workshops with business and functions representatives to perform risk assessments and to document data protection scenarios
• Agree with business process owners on use cases where DLP tools can be effective in the protection of their data assets
• Aim to understand risky data communication from applications and IT platforms, and partner with ITP and IT Security Risk Management to make DLP an integral part of application security assessments
• Partner with the DLP Continuous Improvement Lead to optimize existing DLP controls and to identify risky patterns and behaviors to be addressed by new controls
• Prioritize collected and documented ideas and requirements on a roadmap, and use it to communicate the DLP maturity plan within the organization
• Perform functional and technical testing and obtain sign‐off of DLP policies and processes in order to guarantee a robust solution is delivered
• Manage change requests with available resources while limiting their impact on end users
• Escalate risks and issues to stakeholders and management, and propose and execute mitigation plans
• Contribute to the production of DLP KPI, KRI, and dashboards, including for Steering Committee meetings
• Design and document processes and procedures for your BA stream and contribute to the training of end-users
• Contribute to maintaining and enhancing the BNP Paribas Operational Permanent Control framework

• You have acquired practical experience of DLP and you have performed risk assessments and gathering of data protection requirements. You may also have experience in an audit or a compliance role
• You have proven experience in documenting business requirements with accuracy and clarity
• You have an excellent understanding of data protection challenges within a large organization
• You are familiar with regulatory requirements on data privacy and data protection in major APAC countries (at least SG, HK)
• You have a capacity to conceptualize and model data controls in non-technical terms
• You have a risk management mindset, and you are thorough and detailed in the documentation and execution of test cases
• You are comfortable with technical concepts of Email, Web and Endpoint infrastructure
• You may also hold security certifications

• You are a high-energy individual with a strong drive to deliver practical solutions
• You have perfect mastery of English, you have outstanding interpersonal skills and are comfortable engaging senior stakeholders virtually and face-to-face
• You are confident and able to influence others. You can lead a group to consensus while handling situations of conflict
• You are a good listener and are able to communicate technical topics using business terms
• You are analytical, can translate analytical thinking into solutions and present them to stakeholders and management
• You have excellent time management skills and can multi-task
• You are creative and resourceful, and you are comfortable with ambiguity
• You are a strong team player. You foster cooperation, communication and commitment among groups and teams
• You are able to handle highly sensitive information in a very professional and confidential manner

• Around 7 years of experience in international Financial Services firms or management consulting
• Professional qualifications in finance, business, engineering, computing or related disciplines coupled with excellent academic credentials
• Familiarity with current regulations related to Data Protection in APAC

As the leading European Union bank, and one of the world’s largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance.

We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued and encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity, religion applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo.

• BNP Paribas PRIDE is highly active in favour of the LGBTQIA+ community
• BNP Paribas MixCity which fosters better representation of women at all levels of the organization
• Ability, the mutual aid network for employees with a disability or a disabling or chronic illness
• BNP Paribas CulturAll which celebrates diverse backgrounds

BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions.

https://careers.apac.bnpparibas/