Overview Join to apply for the CIB AI and Data Protection Expert role at BNP Paribas CIB .
The AI and DP Expert acts as the second line of defence for all CIB AI initiatives carried worldwide, overseeing and supervising data privacy risks and regulatory requirements related to AI (e.g., GDPR and AI Act). The role coordinates with the first line of defence, Group Data Protection, and within RISK ORM CIB to support AI governance and data protection across CIB projects.
The AI and DP Expert provides opinions on privacy and fundamental rights for AI use cases, supports the DPO and Data Protection Correspondents (DPCs) with guidance, and checks AI projects against privacy risks using AI technical knowledge.
Key Responsibilities Provide guidance on AI and Privacy aspects within RISK ORM CIB; support CIB DPO, DPCs, and BNP Paribas Group DPO team; contribute through documented RISK Opinions for AI and privacy topics.
Act as AI regulatory and technical expert with understanding of applicable AI regulations.
Serve as the central privacy expert for AI use cases across RISK ORM CIB.
Advise on the implementation of the Group AI Framework within CIB to meet regulatory AI requirements.
Attend AI-related meetings and committees with internal stakeholders to identify, discuss and assess AI project risks.
Perform second line of defence challenge to the first line of defence.
Supervise Privacy by Design from a technical and security perspective (e.g., pseudonymization, data minimization).
Monitor and review AI architectures to identify privacy risks (e.g., data segregation).
Review and advise on technical data protection measures within AI systems (e.g., encryption, tokenization).
Provide technical opinions regarding privacy assessments and documentation (e.g., ROPAs, DPIAs, LIAs).
Interlock with and challenge the first line of defence on ongoing AI projects.
Provide technical advice on AI risk remediation and remediation actions.
Contribute to AI literacy strategy across CIB teams.
Support DPOs and DPCs to define future setup within CIB to monitor AI projects under governance.
Oversee KPIs to monitor AI risk evolution and framework effectiveness.
Contribute to role development by validating data protection requirements for new AI initiatives.
Propose recommendations for continuous improvement of AI risk management processes.
Ensure regular reporting to DPO and RISK ORM CIB about AI initiatives.
Alert DPO when an AI initiative is under operational risk and propose corrective solutions.
Experience And Skills The successful candidate will have a proven track record of developing, implementing and managing AI projects in global organisations, with robust knowledge of AI regulations and frameworks. Prior operational risk management experience and exposure to the Banking industry are a must. The role requires interaction with CIB, RISK and Control Functions senior management. Change management experience is important as AI initiatives transform the business. Familiarity with the AI regulatory context is required.
Other Required Skills Team-player with a focus on overall team success; able to work well with others and independently.
Strong stakeholder management, listening and analytical skills.
Able to collaborate with diverse stakeholders and balance business needs with security considerations.
Clear communication, executive presence, and ability to convey complex concepts to non-technical audiences.
Fluent English.
Specific Qualifications Required Engineer in Computer Science, Telecommunications, or similar; degree in Engineering/Technology.
7+ years in IT roles involving advising, reviewing, or designing IT solutions (e.g., Data Scientist, IT Architect, IT Consultant, IT Auditor).
Experience with cloud environments (public/private/hybrid) and cloud components (e.g., AWS, Azure; Docker, Kubernetes, Hadoop, S3).
Experience with AI types (e.g., Generative AI, Computer Vision) and technologies (LLM, CNN).
Knowledge of cybersecurity measures (IAM, anti-DDoS, EDR) with data protection focus (IAM, DLP, IRM, Encryption).
Ability to detect, assess, and suggest remediation for IT and cybersecurity risks.
Applied knowledge of Privacy and Data Protection / GDPR principles (e.g., data minimization).
IT certifications (e.g., AWS Certified Solutions Architect) and/or cybersecurity certifications (e.g., CISSP) are advantageous but not mandatory.
Conduct Be a role model, supporting and fostering a culture of good conduct.
Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks.
Consider implications of actions on colleagues, partners and clients; escalate issues as needed.
Take responsibility for the team’s conduct and conduct risks.
Seniority level Mid-Senior level
Employment type Full-time
Job function Information Technology
Notes: This refined description excludes non-job-related boilerplate and extraneous date/location clutter while preserving the core responsibilities and qualifications.
#J-18808-Ljbffr