IT & Cyber Risk Management Advisor-Expert
Context: BNP Paribas Fortis GRC supports IT & Business to identify, manage, and reduce IT & Cyber operational risks across assets/applications, projects, Agile Tribes/Squads, Shadow IT, and third parties—aligned with BNP Paribas Group policies.
Responsibilities
- Perform and QA IT & Cyber risk assessments (assets, projects/changes, Agile constructs, Shadow IT, third parties/cloud).
- Drive the full risk lifecycle: create → assess → treat → monitor → close; challenge quality, evidence, and remediation plans.
- Advise IT/Business stakeholders on risk-based decisions and control implementation.
- Report key risks, treatment status, trends, and overall risk posture to Management/Cyber Security.
- Improve risk methods/tools using field feedback and Group best practices.
Must-have requirements
- Master’s degree (or equivalent).
- 8+ years of experience in IT/Cyber with a strong technical background.
- Experience linking ISMS and IT Risk processes.
- Knowledge of control frameworks and audit methods (e.g., ISO/NIST/COBIT/ITIL concepts).
- Strong cloud exposure (SaaS, hosting providers, AWS or similar).
- Secure SDLC best practices + operational IT processes (release/change/incident/testing).
Preferred
- Banking/regulatory environment experience.
- Certifications: CISSP / CISM / CIPP / CCSK.
Languages & working mode
- English + at least one local language (Dutch/French a plus).
- Hybrid: 50% on-site / 50% remote.
Soft skills
Autonomous, proactive, structured, strong communication, analytical, control-minded yet pragmatic, results-oriented.
What now?
The people who perform well here are those who recognized themselves in this description. Not because they meet every requirement, but because the mission felt right to them.
We are actively recruiting for this position. Applications are reviewed by our team, and suitable profiles are invited for an interview to discuss the role in detail.