Madrid, MD
Hace 30+ días


Job Description

The Group Data Protection Office (GDPO) - Governance, Framework & Reporting department, is part of the Group Risk Functions within BNP Paribas. Integrated within the Global Iberian Centre of Excellence, this department is responsible for:

  • Establish the governance for Group Data Protection Office Teams
  • Coordinate to provide 2LoD (second line of defense) review and challenge of 1LoD framework
  • Development and maintenance of 2LoD Personal Data Protection framework
  • Ensure alignment with wider RISK procedures, governance, roles & responsibilities and reporting
  • Consolidate reporting from other GDPO teams
  • Set out, maintain and deploy DP tooling strategy in alignment with Group DP procedures and RISK framework
  • Design, configuration, change management and support for Service Now platform
  • Alignment and interface of Service Now Platform with other Group tools


The Group Data Protection Office (GDPO) - Governance, Framework & Reporting team plays an integral role in managing data management risks within the Bank. Your day-to-day responsibilities as GRC ServiceNow Architect:

  • Lead support and change work on Service Now including user access requests, fixing bugs, configuration of changes, implementation of new functionalities
  • Review and analyse Service Now production data and ensure data quality controls are in place
  • Collect, understand and discuss business requirements, then define technical design to support the business process in Service Now
  • Actively participate in the end-to-end Service Now projects including support
  • Develop comprehensive test scripts and perform regression testing
  • Recommend ways to improve current process/ configurations by monitoring user feedback and exploring the tool
  • Support in future tool upgrades
  • Keep up to date on Service Now new features and limitations
  • Produce and update supporting documents surrounding tooling: support model, change management process, etc.


  • Trained Service Now system administrator
  • Preferred knowledge on GDPR regulation
  • Preferred knowledge of GRC concepts and tools
  • Minimum 3-4 yearsrsquo; experience in GRC projects or similar
  • Experience of formal document creation, such as the creation of presentations, reports or procedures
  • Presenting documentation in a professional and well-structured format
  • Strong MS Office skills (core applications)
  • Must have good proficiency in English language
  • Good proficiency in French language (preferred)


  • Be a role model, supporting and fostering a culture of good conduct
  • Demonstrate proactivity, transparency and accountability for identifying and managing conduct risks
  • Consider the implications of your actions on colleagues, partners and clients before making decisions, and escalate issues to your manager when unsure.


  • Good understanding of personal data protection principles
  • Ability to communicate effectively with both internal and external stakeholders
  • Showing initiative to manage own research efforts
  • Ability to independently trouble shoot issues raised by end users and provide timely and efficient administrative solutions;
  • Ability to communicate effectively with both internal and external stakeholders;
  • Flexibility when dealing with multiple stakeholder requests, delays in implementations;
  • Ability to meet strict deadlines to maintain data quality within our target tools;
  • Showing initiative to manage own research efforts;
  • Team-player ndash; focus on the success of the whole team. Working well both with others, as well as individually;
  • Ability to co-operate and work well with others adopting an approachable style ndash; Important as we work closely with a large and diverse set of suppliers and customers;
  • Adapting personal approach to suit situations, individuals, groups and cultures. Is flexible in relation to getting the job done;
  • Taking accountability for their actions and be open and honest when things have gone wrong, and celebrating successes when things have gone well;
  • Being rigorous and thorough ndash; especially when logging and tracking issues through to conclusion.