BUSINESS INFORMATION SECURITY: APAC DATA LEAKAGE PREVENTION (DLP) BUSINESS ANALYST - BNP Paribas

Job Reference: 1
Employer/Agency: BNP Paribas
Location: Singapore
Experience:
Salary/Package: On application
Job Sector: General Management & Consulting
Date Posted:
Closing Date:

About BNP Paribas in Asia Pacific (www.apac.bnpparibas)
In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 15,000 employees* and a presence in 14 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.

Worldwide, BNP Paribas has a presence in 74 countries with more than 190,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.

BNP Paribas offers you an exciting career opportunity in an international, challenging business environment characterized by high pace and diversity with focus on creating valuable relations with our customers. We offer a competitive salary & benefits package and also an excellent work environment where you're valued as part of our team!

* excluding partnerships


Position Purpose

Data Leakage Prevention (DLP) is being enhanced through the analysis and design of new policies and controls, delivering benefits to businesses and functions throughout the Bank.

The DLP BA drives business outcome by coordinating the analysis of multiple business requirements, as well as the end-to-end testing of new data controls.
The DLP BA maintains a very high level of stakeholder engagement, performs prioritization of the data control roadmap, and delivers clear reporting to management.


Responsibilities

• You assist stakeholders in understanding data privacy and data confidentiality requirements from business and regulatory standpoints
• You endeavour to meet regulatory and TRM guidelines as they apply to data security throughout data life cycle (especially HKMA and MAS)
• You collect reference data sources to be used in DLP controls. Whenever such reference data is not available, you suggest automated (AI, machine learning) algorithms to create inventories of ‘trusted’ data
• You set up and conduct workshops with business and functions representatives in order to perform risk assessments, to document data flows and data protection scenarios
• You agree with business process owners on use cases where DLP tools can be effective in the protection of their data assets
• You strive to understand risky data communication from applications, and you partner with IT Security Risk Management to bring DLP as part of application security assessments
• You lead the statistical analysis of large volumes of data (in transit, at rest) in order to identify risky patterns and behaviors to be addressed by controls
• You prioritize all collected ideas and requirements on a roadmap, which you use to communicate DLP maturity plan within the organization
• You manage change requests while limiting their impact on the project
• You perform functional testing and obtain sign‐off of DLP policies and processes in order to guarantee a robust solution is delivered
• You escalate risks and issues to stakeholders and management, and you propose and execute mitigation plans
• You contribute to the production of DLP KPI, KRI, and dashboards, including for Steering Committee meetings
• You design and document processes and procedures and contribute to the training of end-users
• You contribute to maintaining and enhancing BNP Paribas Operational Permanent Control


Technical & Behavioral Competencies
Technical competencies
• You have acquired practical experience of DLP through your work. In particular, you have performed risk assessments and gathering of data protection requirements. You may also have experience in an audit or a compliance role.
• You have a proven experience in documenting business requirements with accuracy and clarity
• You have an excellent understanding of data protection challenges within a large organization
• You are familiar with regulatory requirements on data privacy and data protection in major APAC countries (at least SG, HK)
• You have a capacity to conceptualize and model data controls in non-technical terms
• You may also hold security certifications
Behavioral competencies
• You are a high-energy individual with a strong drive to deliver tangible benefits to the Bank
• You have perfect mastery of English, you have outstanding interpersonal skills and are comfortable engaging senior stakeholders over the phone and face-to-face
• You are confident and able to influence others. You can lead a group to consensus while handling situations of conflict
• You are a good listener and are able to communicate technical topics using business terms
• You are analytical, can translate analytical thinking into solutions and present them to stakeholders and management
• You have excellent time management and are able to multi-task
• You are creative and resourceful, and you are comfortable with ambiguity
• You are a strong team player. You foster cooperation, communication and commitment among groups and teams
• You are able to handle highly sensitive information in a very professional and confidential manner
Specific Qualifications (if required)
Prior exposure to:
• International banking
• Technology, tools, policies, and standards related to data protection and data breach incident response
• Business analysis in the area of data identification and classification for the purpose of data protection
• Legal and regulatory aspects surrounding data protection, electronic discovery and analysis
Other qualifications:
• Bachelors or Masters Degree
• Excellent level in verbal and written English is essential
• Knowledge of French and/or an Asian language is a plus
• CISSP, CISM or CISA certifications preferred

Primary Location: SG-Singapore-Singapore
Job Type: Standard / Permanent
Job: PROCUREMENT OR SECURITY OR FACILITIES MANAGEMENT - Business Activities: Support functions
Education Level: Bachelor Degree or equivalent (3 years)
Experience Level: At least 3 years

Connect To Us