VP - Independent Technical Testing
Mumbai, India | Leading Financial Services Company
Functions: IT / Information Technology
Job Description:
Application & Infrastructure Risk Assessments: working with the Business and Technology teams to identify security issues in existing and new systems, and agreeing corresponding actions to mitigate or accept risks. Tracking issues and agreed actions to completion.
Horizontal Risk Assessments: Assessing technology risks in relation to a particular theme or technology across the organisation. Examples could be assessments of the firewall change process, applications processing >$5m per day, applications hosted in the cloud, etc.
Vertical Risk Assessments: Assessing risks to a product, service, technology or infrastructure. For instance, we may complete a vertical assessment on our remote working solution (including infrastructure, applications, data, threats, etc.) or our Internet connectivity.
Partnership with the Business and Technology teams in helping them understand their technology risk profile and influencing their risk management decisions.
Recurrent analysis of the maturity of controls across all entities of the Group.
Independent Technical Testing (ITT) is one of the activities of the Information and Communications Technology (ICT) Risk department. BNPP is looking for the Head of the ISPL ITT team, who will, together with the team, help to identify and reduce risks on the information system (alignment of strategy with business needs, software development life cycle, IT project management, IT architecture, IT security…) and thus improve the Bank's business as usual. The Group is engaged in an important transformation process, including outsourcing of functions and redesigning of applications.
• Steer and lead the technical testing activities such as deep assessments, control inspection and Red Team, carried out by a team currently composed of 4 generalist and technical auditors;
• Develop methodologies and tools for carrying out assignments (including the development of the internal technical laboratory);
• Ensure the steering of the 2nd line of defence activities;
• Verify the quality, relevance and traceability of the team’s assessments and the preparation of assessment reports;
• Provide IT and Cyber Risk Management advice to business and production teams.
Skills and Experience:
• Master's degree or equivalent in ICT domains
• 7+ years in security and technology assessments
• Strong problem-solving, presentation and consulting skills
• Demonstrated ability to communicate effectively with stakeholders and technical staff
• Strong experience in project management
• Excellent written and verbal communication
• Recognized experience in cyber security (Pen Test, IAM, data protection, resiliency)
• Customer-oriented vision: the best technical solution is not always aligned with business constraints
• Excellent understanding of cyber environment fundamentals, cyber risks and cyber threats
• Excellent understanding of risk management protocols and the concept of "3 defence lines."
• Initiative to maintain and enhance one's own skill level.
• Experience in the financial sector.