Job Specifications
In a changing world, unprecedented challenges require unmatched talent. Join one of Montreal's Top Employers in 2025. We are a dynamic and growing organization having its main establishment located in downtown Montreal and part of a leading international banking institution fully committed to building a more sustainable future. Note that the position may be in the Canadian Branch of BNP Paribas or in one of its subsidiaries based in Montreal.
The position at a glance
The Cyber Security Assessment Coordinator will report up through the Head of Third-Party Security and will ensure key Information Security activities that align to GROUP and CIB ICT TPTRM requirements are carried out. They will work with the Third-Party Management Office, Relationship Managers (RMs), Contract Owners and Information Security teams to make sure we track and report on required activities to remain in compliance with corporate initiatives as they pertain to ICT risks from our Third-Party Service Providers. This person will also support the broader Third-Party Security team with overall goals and objectives to improve the overall program.
In detail
The team members are responsible of the following activities:
Support Relationship Managers (RMs), Contract Owners and Information Security in complying with GROUP and CIB Corporate ICT TPTRM requirements (support RMs and Contract Owners in meetings that pertain to TPTRM activities and in understanding evidence requirements)
Coordinate efforts between RMs, Contract Owners, Third Party Management Office and Information Security to receive required evidence from vendors
Analyze received evidence to assure alignment with expected results and update RMs, Contract Owners and other stakeholders with findings
Review services provided by vendors and determine compliance requirements
Coordinate with external teams (outside Information Security) to review companywide risk control testing results and update corresponding Information Security department programs with areas of improvement.
Additional Responsibilities:
Ensure alignment with Corporate (CIB, Group) and Regulatory (NY DFS, FFIEC, GLBA, GDPR, PIPEDA, etc.) requirements for the management of Information Security program.
Analyze control frameworks (NIST, ISO, COSO) and mapping to existing Information Security workflow and processes identifying gaps and improvement of Cybersecurity controls deployed within the Americas Region.
Contribute to other Third-Party Security initiatives
Contribute to Audit campaigns (internal/external), evidence collection/review and attestation exercise when required.
Identifying and reporting/escalating potential areas of improvement.
Follow up on corrective action plans, remediation engagement and review policy/procedure, controls, testing evidence.
Perform or assist Management on Security reviews and assessments supporting Business requirement.
Work conditions: This position provides for standard working conditions in an office and a normal work schedule from Monday to Friday. This position requires little travel.
The Strengths And Skills That Will Help You Succeed
Minimum Required Qualifications:
Bachelor of Arts/Science (or similar) degree in the field of Information Security, Computer Science, Information Technology (or similar) from an accredited college or university, or equivalent work experience
0-3 years of experience
Background in/Understanding of Information Technology, Audit and/or Information Security
Knowledge of Information Security functions (e.g. application security, 3rd party security, data loss prevention and detection, vulnerability management, identity and access management, incident response management, and network architecture).
Understanding of what controls are and how they are developed and tested
Good communicator with strong analytical, verbal and written communication skills.
Ability to adapt to changing priorities, handle multiple assignments, and adhere to deadlines.
Proficiency in organizational and documentation skills, and able to coordinate with multiple teams.
Outgoing and self-promotion
Proficiency in using Microsoft PowerPoint, Excel, and other Microsoft Office tools.
Given the vast majority of our clients, both internal and external, are based outside of Quebec and Canada, specific language requirements may apply. Knowledge of the English is required.
Preferred Qualifications:
Master's degree in Information Technology, Cyber Security or Computer Science.
Experience in program and project management
Speaking French/Spanish is a plus.
What's In It For You
In addition to competitive compensation, we offer flexible benefits including a family and spouse insurance program, a defined contribution pension plan and paid days for volunteering. Hybrid work arrangements are available for most positions. In-office presence is required a minimum of 3 days per week, one of which must be on a Monday and/or a Friday. BNP Paribas provides excellent training and personal devel
About the Company
BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 65 countries, with more than 190,000 employees, including more than 145,000 in Europe.
BNP Paribas holds leading positions in its three major operating divisions:
Commercial, Personal Banking & Services for all the Group’s retail banking networks and several specialised businesses, including BNP Paribas Personal Finance and Arval;
Investment & Protection Services for savings, investment and protection solutions;
Corporate & Instit...
Know more