Business & IT Continuity Risk Officer
- Published: Friday, 19 February 2021 08:41
Location: Portugal, Lisbon
Organization: BNP PARIBAS
BNP Paribas is looking for a Business & IT Continuity Risk Officer who will be will be responsible for assisting with the oversight of the Operational Resilience (second line of defense) framework and in particular for Business and IT Continuity, globally for the Group.
As part of the Group Operational Resilience & Crisis Management team within the Global Iberian Centre of Excellence (CoE), the position of Business & IT Continuity Risk Officer will report directly to the Head of Iberian CoE and to the Global Head for Business & IT Continuity and Third Party Technology Risk Management.
The Business & IT Continuity Risk Officer will be responsible for working with the Global Head in coordinating and executing resilience proving ‘events’ within a defined process that the Bank's technology infrastructure, applications and services meet our internal and external Operational Resilience requirements, and Business and Service Continuity controls. This will involve working very closely with various internal stakeholders, collectively covering the bases of End-to-End Continuity of Business and Services.
This role would require the person to focus on coordinated recovery across the group entities and divisions for various threat scenarios at global scale.
- Manage the design, delivery, testing of the Business & IT Continuity and Operational Resilience 2LOD framework, standards and associated controls
- Independently identify, assess, report and escalate material risks related to continuity of business and services as appropriate.
- Provide active advisory, partnership, challenge or approval to applicable risk owners and 1LOD BC and IC teams to ensure appropriate prioritization and resolution.
- Partner with 1LOD BC and IC teams and perform relevant 2LOD thematic or issue based deep dives.
- Manage assurance/oversight of Business & IT Continuity directly owned controls and in-directly owned Resilience controls and ensures these controls are tested for operational effectiveness.
- Contribute to the design, development and specification of new/redesigned Operational Resilience (including Information Security, Business Continuity, IT Continuity and third party technology) processes, systems, information, risk controls, testing regimes, documentation and supporting materials.