Application Security – Security Test Engineer

July 1, 2024

Application Security – Security Test Engineer

Reference12351072

  • Permanent
  • IN-Maharashtra-Mumbai
  • INFORMATION TECHNOLOGY
Apply for this job

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24×7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

About BNP Paribas Group:

 BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group’s performance and stability

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

About Business line/Function:

Information security and BCM team are responsible to perform the security assessment of all new/existing infrastructure and application projects. Also, responsible to assess business continuity requirement of each team and project based on the criticality and streamline the process to achieve the requirement.

Job Title:

Security Test Engineer

Date:

Department:

India IT Security

Location:

Bangalore / Mumbai

Business Line / Function:

Appsec team

Reports to:

(Direct)

Grade:

(if applicable)

(Functional)

Number of Direct Reports:

Directorship / Registration:

NA

Position Purpose

The purpose of this position is to help with the application security controls in the DevSecOps team.

Responsibilities

Direct Responsibilities

·       Analyze the Application Security controls requirements and create automation Python solutions basis on the same

·       Perform QA for the solutions created along with manual analysis

·       Create documentations for the solutions

·       Perform monitoring of the DevSecOps platforms and ensure that all the actual requirements are being followed

·       Check findings in SAST and SCA to challenge developers analysis and rational.

·       Help the team in secure coding practices and remediation of SAST, SCA vulnerabilities.

·       Ensure project processes, security policies are being followed and compliance is maintained

Note:

·       Experience in Secure Coding, Security domain will be an added advantage

Contributing Responsibilities

Technical & Behavioral Competencies

·       Strong Python coding competency

·       Minimum 1+ years of coding experience in Python or in other languages like java, .net, C++, etc. but must be comfortable to code in Python

·       Familiarity with certain Python libraries and GIT commands

·       Understanding of DevSecOps, APIs, CI/CD (Jenkins)

·       Understanding of Application Security, OWASP TOP 10, SAST, SCA, Secure Development

·       Good interpersonal and presentation skills

·       Strong verbal and written communication

·       Must be independent, self-motivated

·       Must have good analytical skills

Specific Qualifications (if required)

·       Minimum 2+ years of coding experience

  • CSSLP/CEH / ECSA/OSCP/CompTIA PenTest+ or equivalent certification preferred.

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Critical thinking

Attention to detail / rigor

Ability to deliver / Results driven

Transversal Skills: (Please select up to 5 skills)

Ability to understand, explain and support change

Ability to develop and adapt a process

Ability to develop others & improve their skills

Ability to manage / facilitate a meeting, seminar, committee, training…

Analytical Ability

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 3 years

Other/Specific Qualifications (if required)

Offers you may be interested in