Business Analyst (APAC Identity %26 Access Management Focus) (EOI)

Bnpparibasgt (Hong Kong, Hong Kong) 22 days ago

In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 17,000 employees* and a presence in 13 markets, BNP Paribas provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.

Worldwide, BNP Paribas has a presence in 73 markets with more than 196,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. Asia Pacific is a key strategic region for BNP Paribas and it continues to develop its franchise in the region.

BNP Paribas offers you an exciting career in an international business environment that is fast-paced, diverse and focuses on creating high-value relationships with our clients. We offer competitive salary and benefits, as well as a working environment where you’re valued as part of the team.

* excluding partnerships

[...] Purpose

The key business objectives of our Identity & Access Management (IAM) program are:

• To implement effective controls over the assignment and removal of user privileges

• To ensure both visibility and compliance of user accesses

• To allow businesses to grant and recertify user accesses efficiently without compromising security, enabling collaboration, enhancing productivity, and reducing operational costs

The IAM BA/PM drives business outcome and coordinates multiple initiatives, maintaining a very high level of stakeholder engagement and a clear reporting to management. Once projects are completed, the BA/PM also handles a smooth transition to the ‘business-as-usual’ phase.


1. Project Management & Business Analysis – for IAM projects or initiatives under your responsibility:

o You provide functional expertise to define solutions that meet the needs of business and operations

o You assess feasibility and identify the best set-up and the necessary level of controls to minimize operational risk

o Through close interactions with business stakeholders, you analyze and document business requirements, communicate and explain them effectively to all departments involved in the project, and confirm business value

o You estimate effort for the scope of work

o You set expectations and project governance at kick-off and monitor adherence and compliance throughout the project

o You deliver IT projects from study to post-implementation support, within the agreed budget and schedule without compromising quality

o You manage project dependencies, escalate risks and issues to stakeholders to overcome challenges, and you propose and execute mitigation plans

o You provide clear communication and status reporting to senior management, and obtain decisions on strategic questions

o You limit the impact of change requests to the project by prioritizing requests and leading stakeholders to a consensus on deliverables

o You perform functional and non-functional testing in order to guarantee a robust end-user solution is delivered

o You handle or contribute to interactions with vendors and external parties

o You design and document processes and procedures, and train users to apply them efficiently

2. Governance of controls

o You establish and maintain governance and controls around People Data and User Access Management

o You assist the APAC IAM Lead in the improvement of the User access process: working with different teams, identifying best practices, defining an APAC process framework and coordinating its deployment with the IT Security community in APAC

o You define and validate the segregation of duties matrix for access permissions with IT Application Owners and Resource Owners

3. Operational controls – For processes and controls under your responsibility:

o You manage and follow‐up user access right exception requests, ensuring there is no breach in segregation of duties, and challenging line managers when required

o You coordinate application on‐boarding in the Access Control tool with respective teams

o You support control teams to meet defined KPIs/KRIs and to produce Control dashboards

o You verify and sign off KPIs/KRIs and Control dashboards and you alert the APAC IAM Lead when controls are not completed or not accurate

o You assist the APAC IAM Lead to improve the User Access controls setup by measuring control effectiveness, the efficiency of operational incident identification, and the level of service

o You ensure official data maintenance rules are respected (according to Standard Operational Procedures) by HR, Local correspondents and the Staff Directory admin team

o You manage and follow‐up on periodic data quality control for the people data referential

4. Compliance & Support

o You coordinate closely the contribution of stakeholders within and outside of IT Security to ensure that the IAM environment is operational

o You verify that APAC applications & processes are compliant with Global Security Policies

o You review exceptions requests in order to minimize the number of such exceptions

o You escalate to Management and/or Operational Risks & Permanent Control any issue identified. You report all incidents according to the Incident Management Guidelines

o You support APAC IT teams during audits (Internal, external, regulatory)

o You actively coordinate and cooperate with other IT, IT Security and Business Security teams (local, global and regional) to ensure best practices, and smooth deliveries

o You work closely with Global CIB Security sponsor to follow‐up on strategic projects and security issues

o You contribute to Security quality and process improvement generally.

o You contribute to the transition of cleanup initiatives into projects ﴾e.g. Business Roles remediation, Resource ownership cleanup, Contractors leaver access cleanup, FRC violations cleanup, Overseas access cleanup﴿

o You contribute to the maintenance of APAC IAM documentation

o You assist the Head of APAC IAM and APAC BIS to prepare the APAC Security steering committee meetings and various TRM meetings: you provide required updates and you follow up on identified actions

o You provide statistics and figures towards the Global Security dashboard which covers user access recertification, application reconciliation and key figures on User Access framework

o You remain fully aligned with the Permanent Control framework and the Conduct framework

Technical & Behavioral Competencies

o You have a solid understanding of Identity and Access Management control framework

o You are a high-energy individual with a strong drive to deliver tangible benefits to the Bank

o You have perfect mastery of English, you have outstanding interpersonal skills and are comfortable engaging with senior stakeholders over the phone and face-to-face

o You listen attentively and seek clarification when required

o You are confident and able to influence others. You can lead a group to consensus while handling situations of conflict

o You have knowledge of project management and risk management, and solid track record of delivering on target

o You have excellent time management and are able to multi-task. You effectively manage priorities

o You are analytical, can translate analytical thinking into solutions and present them to management

o You are experienced in managing and processing data in with advanced Excel functions

o You are able to produce clear report (KPIs, KRIs, dashboards, charts, data visualization in general…)

o You are creative and resourceful, and you are comfortable with ambiguity

o You are motivated and can work independently

o You are familiar with process analysis and improvement, drafting of workflows and procedures

o You are Innovative and creative and look at the big picture

o You give attention to detail

o You can multi-task and keep multiple initiatives on‐track simultaneously

o You are pragmatic and result-oriented

o You are capable of adapting to a new environment and to work under pressure towards tight deadlines

Specific Qualifications (if required)

o At least 3 years of experience in IT Risk & Security

o Previous experience in the Finance industry is a must (2‐3 year experience in large/international banks)

o Bachelor or Master Degree in Computer Science or equivalent discipline

o Fluency in English ﴾French or an Asia language is a ‘plus’)

o IT Security certification preferred (CISM, CISA, CISSP, ISO27001, etc.)

Primary Location: HK-Hong Kong (HK)-Hong Kong

Job Type: Standard / Permanent


Bachelor Degree or equivalent (%3E= 3 years)
At least 3 years


Business Analyst (APAC Identity %26 Access Management Focus) (EOI)

Apply On Company Site
Back to search page