Job Description
Function Description
Responsibilities and main tasks:
Build awareness on how much risk an organization has around cybersecurity;
Support the entity in developing a multi-year cybersecurity strategy/roadmap aligned with BNP Paribas standards and Belgian/EU regulatory expectations;
Provide on-demand advise and expertise to the entity wrt. cyber risks and investment priorities;
Support BNPPF subsidiaries in breaking down complex security requirements in a hands-on and pragmatic manner;
Ensure progress is made through rigorous status follow-up of remediation actions, identify issues, collaborate toward resolution;
Facilitate collaboration between various departments within the entity, with BNPP(F) and third party service providers;
Ensure that entity’s input is aggregated in a concise, high quality end deliverable that can be shared with Senior Management and is supported by a communication kit.
Education
Master
Experience
Proven track record in designing and implementing enterprise security programs in complex, regulated environments;
Expertise in EU cyber regulations (DORA, NIS2, EBA/ECB guidelines) and international standards (ISO 27001, NIST CSF).
Business Experience
Mandatory
Solid analytical skills; ability to break-down complex issues into their key components; strong deductive reasoning (a.o. ability to map regulations to security controls/measures); ability to draw conclusions from a combination of evidence and assumptions.
Technical Experience
Preferable
Hands-On Security Guidance – ability to provide tactical support on:
Cloud security (AWS/Azure architectures)
Identity & Access Management (IAM) frameworks
SIEM/EDR deployment & threat intelligence integration
Network security & basic IT hygiene (a.o. vulnerability and patch mgmt.)
Soft Skills
Highly skilled in effectively communicating complex technical concepts to diverse audiences, from C-level executives to technical specialists;
Strong business acumen and customer-oriented;
Good analytical and synthesis skills;
Factual, results-oriented/outcome-driven and pro-active;
Self-starter capable of independent problem-solving with minimal oversight;
Ability to work in a complex environment – spanning multiple departments, entities and 3rd parties involved;
Ability to overcome set-backs and difficulties; seeks (and finds) solutions.
