BNP Paribas Overview
BNP Paribas has a presence in 75 countries with more than 185,000 employees, including 145,000 in Europe. It ranks highly in its two core activities : Retail Banking & Services and Corporate & Institutional Banking.
At BNP Paribas, we work continuously on behalf of our clients, helping them to realize their projects around the world. You can be an important part of this, helping us to serve our clients both in mature and emerging markets, providing them with financial solutions across a diverse range of expertise, products and services.
Our origins lie in Europe, but nearly a quarter of our employees now work in our multi-award-winning Asia Pacific offices and we are a committed player in all markets.
Strong risk management, combined with the stability that comes from being part of one of the largest banking groups in the world, underpin our success.
Joining us, you’ll become an integral part of a dynamic team that spans nationalities, cultures and backgrounds, drawing together people from around the globe and reflecting our commitment to international placements.
Department Overview :
The Information and Communications Technology Risk department is part of the Group Risk Functions within BNP Paribas. It is a part of the 2nd line of defence under the Bank’s Chief Cyber & Technology Risk Officer.
The department has responsibility for identification of key technology risks to the Bank and influencing business and technology partners to take sound risk management decisions.
This is achieved by delivering :
Application & Infrastructure Risk Assessments working with the Business and Technology teams to identify security issues in existing and new systems, and agree corresponding actions to mitigate or accept risks
Tracking issues and agreed actions to completion
Horizontal and Vertical Risk Assessments
Assessing technology risks in relation to a particular theme or technology across the third party suppliers. Examples could be assessments of the firewall change process, applications processing >
$5m per day, applications hosted in the cloud, etc.
Assessing risks to a product, service, technology or infrastructure. For instance we may complete a vertical assessment on our remote working solution (including Infrastructure, applications, data, threats etc.
or our Internet connectivity
Partnership to the Business and Technology teams in helping them understand their technology risk profile and influencing their risk management decisions.
Key Responsibilities :
The ICT Risk Intelligence team provides BNP Paribas with a unified global 2nd line oversight capability to detect, analyze and investigate cyber threats to the Bank, to support and inform Cyber and IT risk management decisions.
ICT Risk Intelligence harnesses intelligence, analytics, technology, investigation, information sharing, and public-private partnership to achieve this end, always seeking the most effective and efficient means.
As a Head of Technology Risk Analytics within the ICT Risk Intelligence team, you will use machine learning and other data science techniques to assist in protecting banks assets by detecting potential cyber threats and alerting on potential ICT risks.
You will do this by leveraging supervised and unsupervised machine learning, anomaly detection, behavioral modeling, NLP, data visualization and descriptive analytics.
You will work very closely with various ICT Risk Intelligence and RISK ORC ICT stakeholders across the globe to achieve these objectives.
The ICT Risk Intelligence objective is to preempt, detect and respond to cybersecurity threats through the use of actionable intelligence gained from our internal and external environments.
An underlying driver for ICT Risk Intelligence is also to strengthen and enable secure and solid business decisions to be made before future projects across the board are authorized and implemented.
A successful candidate will have beyond the technical skills, the ability to articulate a story leveraging data and to solve problems using the data.
We are looking for individuals with a proven track record in data science or big data projects. Key responsibilities include :
Using advanced analytical skills develop the new Risk Intelligence Platform, through which it intends to pro-actively search for cyber threats or un-
detected ICT Risks that are not potentially detected by the bank’s current suit of monitoring tools.
Working at the leading edge of analytics, apply the best possible combination of applied mathematics, statistics, advanced computing (machine learning, artificial intelligence), visualization and data engineering to the area of combatting cyber threats.
Bring the ability to work with extremely large, complex data sets. The ability to merge large data sets, to generate insight from those data sets and to be able to visualize those insights for both technical and non-
technical audiences and users.
Demonstrate a strong desire to develop and use technical skills.
Be able and willing to use advanced computing assets in order to achieve real practicable results. The candidate must be able to handle areas of uncertainty.
Manage, transform and cleanse high volume data
Collaborate with Head of Cyber Risk Intelligence and incident response teams on evolving threats and their detection
Formulate, build, test, and document proofs-of-concept for new techniques in threat detection.
Identify proactively behavior and trends that could be indicative of ICT Risk; then seek to develop models to understand and detect risk patterns.
Automate analysis to proactively alert on high risk activity on an on-going basis
Use emerging and open source technologies such as Spark, Hadoop, and Scala
Collaborate on scalability issues involving access to massive amounts of data and information
Produce components for advanced analytics, matching, search and visualization on big data.
Identify new data sources and evaluate emerging technologies for data discovery usage
Facilitate in the development of data science processes as the team expands.
Leverage existing algorithms to identify trends buried in big data.
Use real-time and historical data to solve real-world cyber security problems.
Select and incorporate appropriate data mining and analysis techniques to solve specific problems.
Maintain cutting edge knowledge of data science techniques and practices.
Conduct and document rigorous exploratory data analyses of potential source datasets.
Consult with and / or assist in engineering scalable, production-ready software for proven techniques.
Education and Experience
Bachelors or Master’s Degree in Mathematics, Computer Science, Economics, or related fields.
Proven work experience involving quantitative data analysis to solve problems
Passionate about insights as well as big data, coupled with the ability to communicate findings to relevant stakeholders
Experience with statistical programming environments like R, SQL, Python would be an advantage
Proven big data experience, either from an implementation or a data science prospective
Strong executive stakeholder facing, communication and presentation skills,
Proven track record or demonstrable agility in providing value, gained through data science, to a large organization using complex datasets.
Experience in predictive modelling, machine learning, or data mining.
Experience wrangling unstructured data.
Familiarity with event logs a plus.
Experience with Splunk, Kafka, and Scala a plus.
Specific domain expertise in the area of combatting cyber threats would an advantage.
Knowledge and Skills
A combination of applied mathematics, statistics, advanced computing (machine learning, artificial intelligence), visualization, data engineering.
Working knowledge of Big Data statistical analytics tools (e.g. Python, R, Scala)
Experience in Big Data Analytics landscape and technology trends (e.g. Spark, Hadoop, NoSQL, SQL)
Familiar with leading visualization tools (e.g. Tableau, Qlikview, Spotfire, D3.js)
Ability to test hypotheses from raw data sets and draw meaningful conclusions
Deep and broad statistical modelling expertise in various domains
Good communication skills, with proven ability to work cross functional teams to translate business issues into potential analytics solutions
Can communicate / present fluently to audiences at differing ability levels on fields outside of their own technical domain
Demonstrable interest in the cyber threats and context
The role holder will be potentially writing code for the application of advanced analytics in the area cyber threats and must be able to critically interpret and analyze the results produced.
Strong understanding of security, including threat propagation and signal correlation.
Experience in applying big-data techniques to security, specifically in anomaly detection, pattern recognition, behaviour-
based analysis, and correlation.
Good coding experience in the likes of Scala, Java or Python
Machine learning Libraries Spark ML, scikit-learn, xgboost, Tensorflow + Keras, GraphFrames
Be a role model, supporting and fostering a culture of good conduct.
Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks.
Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.
Please note that all applicants must disclose whether that they possess the right to work in the U.K. as per the Immigration, Asylum, and Nationality Act of 2006.