IT & Cyber Internal Audit - Risk Officer

In a changing world, unprecedented challenges require unmatched talent. Join one of Montreal's Top Employers in 2024. We are a dynamic and growing organization having its main establishment located in downtown Montreal and part of a leading international banking institution fully committed to building a more sustainable future. Note that the position may be in the Canadian Branch of BNP Paribas or in one of its subsidiaries based in Montreal.

**The position at a glance**

The US/Americas ITO CCO (Chief Control Office) department covers the following areas: IT & Cyber GRC (Governance, Risk and Controls), 1LOD Reviews, Program Management, ITO Chief Data Office, and Voice and Record Keeping Program. As part of CCO team we ensure:

- The management of governance, risk, and controls for the key IT & Cybersecurity activities
- The oversight of all IT & Cybersecurity internal and external audits, and regulatory examinations
- The predictive sustainability management of the control framework
- The ITO data management of record keeping and disposal, trade regulatory reporting and voice & e-Com record keeping.
- Results and Impact
- Leadership and Collaboration
- Client, Customer and Stakeholder Focus
- Compliance Culture and Conduct

**In detail**
- Coordinate audit reviews (Internal & external reviews) with a focus on ensuring auditors’ expectations are addressed.
- Monitor the remediation around control weaknesses to ensure appropriate and timely resolution.
- Review control documentation to ensure that documentation meets policies and procedures.
- Identify issues with documented processes.
- Analyze medium to large data sets to ensure control is working as documented.
- Provide recommendations to improve quality of control.
- Provide advice to the management with respect to internal controls and risk.
- Interact with IT Risk Management, internal and external auditors on new findings and advice on execution and closing criteria.

**The strengths and skills that will help you succeed**

Required Qualifications:

- Minimum of five (7) years recent experience in Information Technology audit or IT/Cyber Risk & Control
- Undergraduate Degree in Computer Science or related field
- In-depth knowledge and experience in IT risk & controls
- Advance knowledge of Microsoft Excel, familiarity with PowerPoint and SharePoint
- Exceptional analytical abilities and attention to detail (i.e., examine large volumes of data) in order to identify potential control deviations.
- Ability to recognize and evaluate deviations from good business practices, policies and procedures.
- Strong organization and teamwork skills
- Excellent communication skills (verbal, written, presentation) and interpersonal skills.
- Comfort in discussing IT & Cyber Controls with bank’s management.
- Ability to manage and multi-task to coordinate across multiple simultaneous projects and teams.
- Ability to work independently.
- Ability to demonstrate business tactical and strategic thinking, innovation and creativity.
- Given the vast majority of our clients, both internal and external, are based outside of Quebec and Canada, specific language requirements may apply. Knowledge of the English is required.

Preferred Qualifications:

- CISA (Certified Information Systems Auditor)
- CISM (Certified Information Systems Manager), and/or CISSP (Certified Information Systems Security Professional)
- One (1) or more years of Information Technology operational experience
- One (1) or more years of Information Security operational experience
- Familiarity with FFIEC IT Examination Guidelines (e.g., Development and Acquisition IT Handbook)
- Knowledge and experience with Windows and Unix operating systems, middleware, networks, databases, and emerging technologies
- Experience working in large global financial services organization (preferably Investment Banking / Asset & Wealth Management, etc.)

**What’s in it for you**

In addition to competitive compensation, we offer flexible benefits including a family and spouse insurance program, a defined contribution pension plan and paid days for volunteering. Hybrid work arrangements, such as remote working up to 50% and flexible working hours are available for most positions. BNP Paribas provides excellent training and personal development programs, as well as opportunities for career development within the company and internationally.

To find out more about our range of benefits, click here
- (Opens in a new tab)

**What you need to know**
- You must be legally eligible to work in the Greater Montreal area and, if applicable, hold a valid work or study permit. Physical presence in BNP Paribas’ office(s) is an essential function of this position;
**Diversity, Equity and Inclusion (DE&I) at the heart of our commitments**

At BNP Paribas all employees are on an equal footing allowing us to create a work environment that values and respects people for their talents, skills and competences.

BNP Paribas recruits, employs, t