Job Description

Business Overview:

The North America Hub is part of BNP Paribas’ global Internal Audit group (Inspection Générale) which is staffed by highly qualified individuals who perform high quality risk-based reviews of the Business, providing assurance, and when necessary, advising management to anticipate and understand otherwise unexpected risks and put in place appropriate mitigating controls.

The Internal Audit team helps senior management protect the company’s reputation by avoiding financial and reputational damage. Where it is too late to prevent failure, the team investigates the problem, helps management deal with the aftereffects, and establishes guards against re-occurrence. Headquartered in New York, the North America Hub has primary audit responsibility for BNP Paribas’ Corporate and Investment Banking activities in the United States. The audit approach follows practices prescribed by the Institute of Internal Auditors (IIA).

Candidate Success Factors:

Candidates are measured on the following four performance drivers, which will dictate how individual impact is considered on the Americas platform:

Results and Impact

Able to influence peers and team.
Demonstrates good judgement when making decisions of high complexity and impact.
Exercise appropriate autonomy in the execution and delivery of work. 
Responsible for driving outcomes, which have meaningful effect on team or department.

Leadership and Collaboration:

Creates trust with colleagues.
Acts in leadership capacity for projects, processes, or programs.

Client, Customer and Stakeholder Focus: 

Able to build relationships with a mix of colleagues and clients.
Interacts regularly with management and department leaders.
Demonstrates the ability to influence stakeholders at the team level. 

Compliance Culture and Conduct: 

Takes full responsibility for personal actions and demonstrates courage in facing problems and conflicts.
Perceived as a person of high moral character; upholds corporate values and displays high ethical standards.

Responsibilities:

Oversee direct audit coverage responsibility for the Information Technology, Information Security, and Data audit activities performed relative to BNP Paribas Wholesale activities in North America (US and Canada), supported by a team of subject matter auditors
Assess the strengths and weaknesses of the BNP Paribas North America Wholesale activities, through audits, risk assessments and continuous monitoring activities as they relate to Information Technology, Information Security, and Data Management controls, ensuring business objectives regulatory expectations are met, and risks are sufficiently mitigated
Perform risk-based audits, based on a thorough understanding of the processes and risks associated with both current and emerging technologies, and on a precise assessment of the adequacy and completeness of the GRC, both from a design and effectiveness standpoint
Evaluate the adequacy, effectiveness, and efficiency of Bank policies, procedures, and internal controls as they relate to the Information Technology infrastructure and Business Application Systems as per the terms of the Inspection Générale Audit charter and guidelines of the Bank
Follow audit professional standards and regulatory requirements in the performance of the day-to-day functions of internal auditor
Perform audits of Information Technology operating procedures and processing systems, test operating procedures and processing systems through the performance of detailed fieldwork, examine and evaluate results, assess adequacy of controls, communicate results, and direct follow-up efforts
Plan each audit prior to the commencement of fieldwork (includes meeting with IT and Bank management, discussing changes/events that have a material impact on the activity, revising/enhancing the examination program and scope as warranted)
Review work papers with particular focus on documentation and analysis to support findings
Prepare draft findings and recommendations and follow up on findings to ensure that the appropriate corrective actions were taken by reviewing and validating supporting evidence
Finalize and distribute the draft of audit findings/recommendations to auditees for internal control improvements
Lead, develop and motivate a team of auditors, while promoting a culture of independence, conduct, transparency, integrity, performance, satisfaction at the workplace, and diversity and inclusion
Encourage problem-solving and promote a constructive work environment among both audit and other Bank staff
Ensure that team members have the proper expertise and independence to conduct the required audits and investigations, with the highest integrity and conduct standards
Use the results from the skillset analysis to promote continuous training and upskilling of the audit staff
Maintain the audit universe and timely update the corresponding risk assessments, supported by a dynamic and documented Continuous Risk Monitoring (CRM) practice, including CRM over the portfolio of IT projects
Maintain a close relationship with the BNP Paribas NAR audit teams and Group Inspection Générale IT audit domain, and interact with Bank’s regulators for any matter in scope

Minimum Required Qualifications:

Proven expertise in IT/IS audit and industry best practices, in line with large complex banking organizations (minimum of 10 years of recent experience in Information Technology) 

Five (5) or more years of Information Technology operational experience
Five (5) or more years of Global Market operational experience
One (1) or more years of Information Security operational experience

Extensive experience working for large global financial services organizations, with solid knowledge of CIB business processes, notably GM, and BNP Paribas environment
Experience with banking and financial systems (preferably Trading and Settlement systems, Money Transfer systems, Compliance and Surveillance systems, etc.)
Undergraduate Degree in Computer Science, Cybersecurity or a related field
CISA (Certified Information Systems Auditor),
Strong background auditing infrastructure and applications controls
Solid experience in principles and techniques of Information Systems auditing
Understanding of management principles and the ability to recognize and evaluate deviations from good business practices
Ability to maintain effective relations between auditors and auditees, and effectively communicate audit results to a wider, non-technical audience
Strong managerial experience, promoting a culture of independence, conduct, transparency, integrity, performance, satisfaction at the workplace, and diversity and inclusion
Ability to demonstrate effective communication with regulators and management, both verbally and in writing
Exceptional analytical abilities, strong organization and teamwork skills
Ability to demonstrate business tactical and strategic thinking, as well as innovation and creativity
Excellent communication skills (verbal, written, presentation), interpersonal skills, strong facilitation and interviewing skills 
Comfort in discussing IT Controls with the bank’s management, and obtaining agreement on recommendations pertaining to technology / systems under review
Strong risk and control awareness, and knowledge of risk assessment methodology

Preferred Qualifications:

Advanced Degree, notably in Cybersecurity or IT Risk Management
CISM (Certified Information Systems Manager), and/or CISSP (Certified Information Systems Security Professional) and/or similar
Knowledge and experience with Windows and Unix operating systems, middleware, networks, databases, and emerging technologies

FINRA Registrations Required:

Not Applicable 

CFTC Swap Dealer Associated Person (if yes, NFA Swaps Proficiency Program is required):

Not Applicable 

SEC Security-Based Swap Dealer Associated Person:

Not Applicable 

While the description above describes our ideal candidate, we encourage applicants to apply even if they do not fully meet the complete list of qualifications noted.

The expected starting salary range for this position is between $200,000 to $240,000 annually. The actual salary may vary based upon several factors including, but not limited to, relevant skills/experience, time in role, base salary of internal peers, prior performance, business line, and geographic/office location.

In addition, our comprehensive benefits package aims to support our employees in various aspects of their lives. From healthcare and wellness programs to retirement plans and childcare services, we prioritize the well-being and growth of our employees. Our benefits include medical, dental and vision coverage, a 401(k) Savings Plan, backup childcare, life, accident and disability insurance, mental health support and paid time off. Additional details about our benefits offerings, inclusive of eligibility for a discretionary bonus, will be provided during the hiring process.