Director - Head of Cyber Strategy CIB/IP Americas
About BNP Paribas:
BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 72 countries, with more than 202,600 employees, of which almost 155,000 in Europe. The Group has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. The Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance.
In Europe, the Group has four domestic markets (Belgium, France, Italy and Luxembourg) and BNP Paribas Personal Finance is the European leader in consumer lending.
BNP Paribas is rolling out its integrated retail-banking model in Mediterranean countries, in Turkey, in Eastern Europe and a large network in the western part of the United States. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas also enjoys top positions in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific.
The Head of Cyber Strategy for CIB/IP Americas, reporting to the CISO CIB/IP Americas, oversees the governance of the Cybersecurity program for CIB/IP Americas. The Head of Cyber Strategy is in charge of cyber risk management, budget, and strategy design and implementation oversight. The Head of Cyber Strategy also maintains the governance of the information security program and contributes to the information security review of critical firm projects. Responsibilities:
Qualifications Minimum Required Qualifications:
- Contribute to Information Security steering committees, decision making process and budget exercise
- Ensure regulatory, management and head-office requirements are integrated in the Information Security budget exercises
- Maintain oversight of the Information Security department posture (budget, governance requirements, staffing, controls, etc…) to be able to present facts and suggestions to the CISO upon request
- Perform administrative functions and activities for the Information Security department as delegated by the CISO
- Be the liaison between Control Departments (Legal, Compliance, Risk, etc…) and Information Security team leaders to ensure fluid and consistent transmission of information
- Maintain the Cybersecurity governance for the firm, including the facilitation of committees and maintenance of the policy framework
- Report to Management on the Cybersecurity program progress, resources consumption and residual risks
- Advise management on strategic control improvements required for the general information security program based on threat surface evolution and security incidents
- Collaborate with other Information Security, Information Technology, other control functions and departments to ensure full support of the Cybersecurity program deployment, and full integration with concomitant programs
- Assesses the security component of key firm projects to ensure their alignment with the information security program and strategy
- Maintain communication channels with key members and contributors to the Cybersecurity program, in order to maintain the agenda, ensure datasets preparation and collection, and identify any issue ahead of committees
- Maintain a roadmap of initiatives and a calendar of events associated with the regional Cybersecurity program
- Bachelor of Computer Science degree from an accredited college or university, or equivalent work experience
- Minimum 15 years professional work experience, including a minimum of 10 years in an Information Security role
- Strong written/verbal communication skills
- Organizational and work documentation proficiency
- Good communicator with demonstrated ability to pass messages in a clear and concise manner
- Ability to adapt to changing priorities, handle multiple assignments, and adhere to strict deadlines
- Ability to coordinate actions from several different teams
- Experience in managing a Cybersecurity or Information Security program
- Experience in managing a team
- Experience in performing information security and cybersecurity operational activities, and security risk management
- Experience in preparing and holding Steering Committees or equivalent forums in front of an audience of senior managers.
- Experience in the Financial Sector
- CISSP or CISM certifications are a plus
BNP Paribas is committed to providing a work environment that fosters diversity, inclusion, and equal employment opportunity without regard to race, color, gender, age, creed, sex, religion, national origin, disability (physical or mental), marital status, citizenship, ancestry, sexual orientation, gender identity and gender expression, or any other legally protected status.