2018 APAC Graduate Programme - IT Security – Information Security Officer - Shanghai

Full time
Full Time
2017 - 18

Position Purpose

BNP Paribas has a presence in 74 countries with over 190,000 employees. It ranks highly in its two core activities: Retail Banking and Services as well as Corporate & Institutional Banking.

In Asia Pacific, the BNP Paribas Group is a leading employer with more than 15,000 employees* and a presence in 14 markets. Being one of the largest international banking networks, we strive to employ talented and innovative people who are aligned to our vision and culture.

*excluding partnerships

The Graduate Programme is a comprehensive 24-month programme designed to equip graduates with the technical skills and individual competencies to embark upon a successful career within the BNP Paribas Group. This opportunity includes a formal mentoring programme, graduate community initiatives, relevant technical training and on- the- job learning from our senior managers and highly experienced team members.

Direct Responsibilities

  • Conduct assessment, review, etc. to help establish, optimize, fulfil necessary controls to ensure the second-level control of IT risks.
  • Manage, review, serve the users on the access of local applications, and coordinate for regional/global applications with oversea teams
  • Conduct research on security tools, technologies, industrial practices, etc. Stay current with trends and regulations within the scope of information security matters.
  • Raise security awareness of staffs
  • Carry out the required security assessments, e.g. penetration testing, security baseline scanning
  • Security Administrator for a number of tools used in house. Like assessment scan tools, 2FA, Encryption, PKI, etc.
  • To report and investigate any IT Security incident (intrusion, virus, etc.)
  • To develop, maintain and review audit logs in order to identify possible security breaches/exposures
  • To undertake such other ad-hoc duties, and reporting, as required from time to time which are commensurate with the position

Contributing Responsibilities

  • Direct contribution to BNPP operational permanent control framework.
  • Contribute to the implementation of operational permanent control policies and procedures in day-to-day business activities, such as Control Plan
  • Comply with regulatory requirements and internal guidelines
  • Contribute to the reporting of all incidents according to the Incident Management System
  • Ensure audit recommendations are resolved within the specific timeline.
  • Minimizing operational failure, including but not exclusively, the risk of fraud, by helping to devise, and by implementing, sufficient regular control
  • Ensuring appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified
  • Help ensure the Cybersecurity law requirements are fulfilled and effectively implemented.

Technical and Behavioural Competencies

Students who have recently graduated or graduating in 2018 from all areas of disciplines are most welcome to apply. Applications will be reviewed on a rolling basis.

  • Takes initiative and is results driven
  • Strong decision making and analytical skills
  • Act with integrity
  • Ability to manage change and complexity with confidence
  • Strong team player
  • Client focused and commercial thinking
  • Excellent interpersonal and communication skills
  • Self-motivated and genuine interest in Banking and Finance
  • Proficiency in Microsoft office (MS Word, Excel & Power point)
  • Prior related internship within the banking industry is an advantage


This opportunity is closed to applications.