2018 APAC Graduate Programme - IT Security - Singapore

IT & Operations
Full time
Full Time
2017 - 18

Position Purpose

BNP Paribas has a presence in 74 countries with over 190,000 employees. It ranks highly in its two core activities: Retail Banking and Services as well as Corporate & Institutional Banking.

In Asia Pacific, the BNP Paribas Group is a leading employer with more than 15,000 employees* and a presence in 14 markets. Being one of the largest international banking networks, we strive to employ talented and innovative people who are aligned to our vision and culture.

*excluding partnerships

The Graduate Program is a comprehensive 24-month program designed to equip graduates with the technical skills and individual competencies to embark upon a successful career within the BNP Paribas Group. This opportunity includes a formal mentoring program, graduate community initiatives, relevant technical training and on- the- job learning from our senior managers and highly experienced team members.

Position Description

IT Security Risk Analyst ensures that processes across IT operate within the security and business risk thresholds. The remit extends across all governance, risk and compliance aspects of IT security, i.e. policies, standards and procedures, authorization and administration of accesses, networks, servers and workstations, operating systems, databases and applications. Proactively monitors and assesses the IT infrastructure/applications of the company to ensure that the confidentiality, availability, integrity and traceability of IT systems are maintained. It also requires the incumbent to foster close working relationships with other business areas and Business Unit IT and IT Infrastructure Production teams

It covers all IT teams and usage of the IT platform by other departments, as far as the infrastructure and staff located in Asia Pacific are concerned. Another key objective is to ensure that IT maintain an appropriate level of security in compliance with company policy and requirements from regulatory authorities and in accordance with recommendations from General Inspection, Compliance, Internal Audit and external auditors.


Cooperation & contribution

  • To actively coordinate and cooperate with other IT and IT Security teams (local, global and regional) to ensure best IT Security practices and deliveries and a smooth interaction.
  • To work in partnership with the Business Lines, Organization & Methods, Information Systems, and others to draw up measures for implementing the Bank's Information Systems Security Directives.
  • To work closely with Global IT Security & Risk Assessment team to follow-up on strategic projects and security issues.
  • To effectively manage cross-functional internal/external team collaboration and communication to effectively and efficiently manage IT Security Risk topics
  • To manage the relationship with a particular business throughout Asia
  • To participate in audits by internal/external auditors and regulators and articulate controls that satisfy concerns raised by auditors
  • To participate & contribute during an IT Security related incident (intrusion, virus, etc.) from risk assessment perspective as and when required
  • To work closely with System, Network and Application Teams for closure of non-compliance issues found.
  • To contribute to IT quality and process improvement generally.

Security Risk Management

  • Key Activities include:

Security Validation

    Controls & Procedures

    • To participate in the regular security review of the assigned business units
    • To ensure that work is conducted adhering to compliance, data protection (customer & personal data) and other regulatory requirements.
    • To minimize operational risks and risks of fraud by implementing regular and sufficient controls related to his position.
    • To escalate to his management and/or Operational Risks & Permanent Control any issues identified.

    Technical and Behavioural Competencies

    Students who have recently graduated or graduating in 2018 from all areas of disciplines are most welcome to apply. Applications will be reviewed on a rolling basis.

    • Strong analytical & execution skills
    • Strong service delivery mindset
    • Be organized and meticulous.
    • Able to handle stakeholders in a confident, positive and responsive manner.
    • Excellent interpersonal and communication & writing skills
    • Team work mindset and able to work independently
    • Adaptability to fast changing environment and technology
    • Takes initiative and is results driven
    • Prior related internship within the banking industry is an advantage
    • Proficiency in Microsoft office (MS Word, Excel & Power point)

    Following competencies would be advantageous

    • Knowledge of IT infrastructure, network and/or application security.
    • Knowledge of IT Security Risk Management concepts and with good understanding of industry APAC regulations i.e. MAS TRM, HKMA, FSA, etc.
    • Technical Knowledge in: Unix / Linux; Windows 2008/2012/7 operating Systems
    • Professional credentials in relevant IT security disciplines, such as ITIL-SM, ITGI, CGEIT, CISM, CISA or CISSP, including CISSP-ISSMP

    This opportunity is closed to applications.