IT & Cyber Risk Management Advisor-Expert
Context: BNP Paribas Fortis GRC supports IT & Business to identify, manage, and reduce IT & Cyber operational risks across assets/applications, projects, Agile Tribes/Squads, Shadow IT, and third parties—aligned with BNP Paribas Group policies.
Responsibilities
- Perform and QA IT & Cyber risk assessments (assets, projects/changes, Agile constructs, Shadow IT, third parties/cloud).
- Drive the full risk lifecycle: create → assess → treat → monitor → close; challenge quality, evidence, and remediation plans.
- Advise IT/Business stakeholders on risk-based decisions and control implementation.
- Report key risks, treatment status, trends, and overall risk posture to Management/Cyber Security.
- Improve risk methods/tools using field feedback and Group best practices.
Must-have requirements
- Master’s degree (or equivalent).
- 8+ years of experience in IT/Cyber with a strong technical background.
- Experience linking ISMS and IT Risk processes.
- Knowledge of control frameworks and audit methods (e.g., ISO/NIST/COBIT/ITIL concepts).
- Strong cloud exposure (SaaS, hosting providers, AWS or similar).
- Secure SDLC best practices + operational IT processes (release/change/incident/testing).
Preferred
- Banking/regulatory environment experience.
- Certifications: CISSP / CISM / CIPP / CCSK.
Languages & working mode
- English + at least one local language (Dutch/French a plus).
- Hybrid: 50% on-site / 50% remote.
Soft skills
Autonomous, proactive, structured, strong communication, analytical, control-minded yet pragmatic, results-oriented.
What's next?
The people who succeed here are those who recognized themselves in this description. Not because they meet every criterion, but because the role suits them.
We are actively recruiting for this position. Applications are reviewed by our team, and candidates whose profiles match receive a call to discuss the position in detail.