IT Risk Officer

Project Management Institute

Since 2008 BNP Paribas Cardif in Turkey has been a leading provider of protection insurance products such as Credit Card Protection, Credit Protection, Income Protection, Personal Accident/Life, Device Protection and Extended Warranty, thanks to its experience and its inclusion in a widespread global network, as well as its strong capital structure. On October 12, 2010, BNP Paribas Cardif Emeklilik began to offer private pension products to its customers through TEB and Agency network. Cardif Turkey has become a platform for providing comprehensive insurance services in the market in a short time with its broad product portfolio and international vision.

Our vision: To be the insurance company that creates the most value for its customers with our expertise and innovative solutions.

Our mission: We are here today and tomorrow to protect what is valuable for you.

What Makes You A Perfect Fit

· Knowledge of IT risk management and analysis methods
· Good knowledge of IT organizations and professions
· Relevant IT technical knowledge
· Experience with internal / external Security and Governance audits
· Use of Corporate and Group tools related to IT Risk management
· Ability to conduct professional discussions face-to-face or on the phone
· Ability to adapt communication to material relevant to varying audiences (IT and non-IT), and the situation
· Be educational and effective in communication
· Have the ability to provide advice / recommendation / judgment by taking a step back and looking at the overall picture
· Ability to identify and engage resources and coordinate their intervention, working in teams and / or across multiple teams
· Ability to accurately evaluate a situation and facts
· An understanding of best practices for Incident handling, security investigation processes and techniques
· Experience with the latest information security threats & vulnerabilities and appropriate countermeasures
· Experience with, and in-depth understanding of, security vulnerability tools, techniques, and standards used to conduct penetration testing
· Knowledge of regulations and frameworks related to IT Security and Personal Data Protection will be an asset
· An understanding of CIS20, NIST, ISO 27001/22301 and SOC 2 frameworks
· Security related degrees and/or relevant industry qualifications such as CRISC, CISSP, CISA, CISM, CIS20, CEH and OSCP, or equivalent

What Makes You A Great Team Player

· Embracing a customer-first approach; able to enhance trustworthy relationships with customers and understand their needs
· Strong entrepreneurial spirit
· Speciality: having the desire to learn all domains of her / his job and to master it
· Empathy
· Innovativeness: the capacity to think with an innovative approach
· Ethics: complying with ethical standards

At BNP Paribas Cardif You Will

· Perform IT Risk Analysis, to identify and assess the risk to IT and applications
· Ensure reporting to relevant stakeholders for IT risk management of those risks that have a “material” impact on the objectives or results, and are of a nature that requires the stakeholder’s attention
· Identify the means and follow action plans to respond to IT risks, by ensuring the completeness and exhaustiveness of the action plans, ensuring the follow-up of progress, and regularly updating the status of each IT risk in the corresponding logs
· Manage the process for acceptance of IT Risks, ensuring that the non-tolerable IT risks are formally accepted by the relevant stakeholders and monitored following the defined process
· Oversee and report on the output of control activities relating to IT risk conducted by the first line of defense
· Analyze the results of the controls to identify specific risks and register them into the IT Risk Register or the Group Risk Register (as appropriate)
· Organize a regular IT Risk committee in order to provide relevant stakeholders with a challenge of the IT risk status
· Oversee the closure of recommendations issued by the internal or external auditors and / or control functions in accordance with the objectives of risk coverage and planning
· Monitor the conformity level for all IT governance rules with declaration of any non-compliance
· Review and assess the analysis of significant incidents by the first line of defense to help estimate the level of operational risk
· Review the output of IT Risk Maturity Evaluation
· Review and challenge the IT Risk Mapping
· Ensure communication and awareness on good IT risk management practices

At BNP Paribas Cardif You Will Find

· Various online technical trainings for you to sustain your professional development
· Internal career opportunities
· Career development opportunities through horizontal career path
· Comprehensive private health insurance
· Flexible working hours and home office
· Online well-being workshops, classes and wellness activities for the employees
· Hybrid working
· A paid birthday leave to use on the day after
· An orientation program to help you fully adapt to BNP Paribas Cardif, along with an assigned Buddy to assist you with anything you might need

