ICT OPERATIONAL RISK MANAGER FOR REMOTE LOCATIONRISK ORM GB EMEA is acting as the second line of defence for all Global Banking, CIB Functions including Information and Communications Technology (ICT), Correspondent Banking Operations carried out in the region, providing CIB and RISK senior management with a front-to-back view of operational risks. It also ensures global consistency of Operational Risk management of Global Banking activities across RISK ORM CIB regions. Department is organized within 2 Filieres, Capital Market (Debt Market, Real Assets, Securitized Products, Equity CM, Merger& Acquisition, Bonds) and Transaction Banking (Payment and Cash Management, Trade Finance, Supply Chain Management) and also in charge of transversal activities (Functions, TPRM, ICT, Data Management). As the second line of defence (2LoD) for Information and Communications Technology (ICT) risks (which are operational risks), RISK ORM has the responsibility to identify the key technology risks of the Bank and to influence Businesses, Functions and technology partners to make sound risk management decisions, working with the main Businesses and Functions teams such IT Operations, Cloud, Cybersecurity, Data, Finance, etc. This role exists to supervise and oversee independently the management of such risks by the ICT/IT teams on the GB EMEA activities. Assigment: The Risk Operational Risk manager will be under the hierarchical management of the Team Leader of RISK ORM Global Banking EMEA for remote location and under the functional management of the RISK ORM ICT GB EMEA in Paris. Main Missions: The ICT Operational Risk Manager will be in charge of the following activities for the GB EMEA: Risk and Control Self-Assessment (RCSA): Ensure application of the risk identification & assessment framework. Independent challenge and sign-off on the RCSA and control plans (generic vs specific, deployment, organizational scope, major risk coverage, relevance of assessments and action plans). Perform risk assessment of the 1st line of defence control framework, and read-across of identified risks. Historical Incidents: Ensure application of HI collection normative framework. Alert in case of significant incidents. Perform quality review of ICT significant incidents and bring expertise to significant business HI having an ICT cause and validate permanent control actions (PCA) closure. Independent testing: Define and execute 2nd line of defence controls (verification, re-performance, direct and thematic controls). Perform review of the 5 Generic Control Plans (GCP) for ICT on Global Banking EMEA, define and execute testing roadmap on focused topics (for instance following metiers evolution integrating process digitalization and external). Contribute to other LOD2 plans of penetration testing/vulnerability assessment in liaison with ICT Group and/or ICT CIB. Recommendations and permanent control actions: Ensure application of framework for recommendations & permanent control actions follow-up (e.g. Inspection Générale / External auditors / Supervisors findings and recommendations, TAC NAC actions, etc.). Report on recommendation / actions implementation and management of the escalation process. Governance, committees, projects/programmes: Contribute to TAC NAC – New Transaction or Activity Validation Committees – of Global Banking (central and local) (i.e. for new solutions, new IT systems, outsourcing/nearshoring initiative) formalizing risk opinions, conditions and impacts on risk profile with appropriate escalation to management in case of disagreement. Participate and contribute to CIB projects/programs (Operational Resilience, Smart working, TPRM etc.,). Develop close relationship with main GB EMEA IT stakeholders (CIO, APS, CISO, CCCO) Missions are important, so are the team and the environment! As RISK Manager RISK ORM ICT CIB Global Banking, you will join a team of 24 people located mainly in Paris, Madrid, London, Geneva, Frankfurt and Bahrain.​ You will interact on a regular basis with key Global Banking IT stakeholders (process managers, chief information security officer: CISO or permanent control coordinators: CCCO) in order to increase his knowledge of the system, to be alert to emerging risks, to share and gain buy-in to his analyses, and his RISK opinions. You will also be in charge of exchanging your analyses, best practices with a community of experts, risk managers, within RISK ORM CIB (or RISK Corporate) in order to strengthen read across and the expertise of the community. You will work in flex office and benefit from work at home. Business Skills: 5+ experience specifically in technology risk assessments Good knowledge and acceptance for new technologies, process digitalization and technical evolutions (IT experience required). Good knowledge of the CIB Corporate Banking businesses, products and processes Interest and/or experience in the Operational Risk Management IT and Business relationship ICT risk skills: IT, Cyber security standards and technologies, Risk Management components (risk identification, assessment, monitoring, mitigation) Audit experience appreciated Cyber security or IT Risk certifications strongly appreciated (ex: CISSP, CISM, CRISC, etc.) Language: fluent English. Desirable French fluent Behavioural Skills: Initiative, dynamism Work on relationship Independence and analysis capabilities Excellent interpersonal skills, communication and negotiation BNP Paribas Group in Spain is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity/paternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency, which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.