ITG Ops – FORTIS – Web Security & Hosting

March 14, 2024

ITG Ops – FORTIS – Web Security & Hosting

ReferenceBNP024539

  • Standard / Permanent
  • IN-MH-Mumbai
  • INFORMATION TECHNOLOGY
Apply for this job

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24×7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

About BNP Paribas Group:

 BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group’s performance and stability

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

About Business line/Function:

BNP Paribas IT teams are providing infrastructure, development and production support services to all applications used worldwide by all business lines. There is a great variety of technologies and infrastructures from legacy systems to cutting edge Cloud technologies.

Within BNP Paribas Group IT, the filiere “FORTIS” oversees operationally to the challenges of IT applications with an end-to-end vision and consistently across the Bank. Several domains of these filiere contribute to this, including the domain “Service Offering DevOps”, which provides the DevSecOps platform for IT Group, Control Center, DB Activities and move to Cloud project.

BNP Paribas Fortis is a bank that is responsible and socially committed. The environment, diversity, cultural support, sponsorship… Through various and concrete ways, we are dedicated to meeting our customers’ expectations and proud to demonstrate our values: responsible, human, innovative and enthusiastic.

Job Title:

Application Production Support

Date:

MAr 2024

Department:

BNPP ITG

Location:

Chennai

Business Line / Function:

FORTIS

Reports to:

(Direct)

BNPP

Grade:

(if applicable)

(Functional)

ITGP/FORTIS

Number of Direct Reports:

Directorship / Registration:

NA

Position Purpose

The Web Application Firewall squad within IT Middleware Services Tribe will work together with the existing Web Security and Authentication, Web Design and Secure Gateways squads for the technical design, installation, set-up, industrialization, management, support and documentation of the BNP Paribas Fortis Web Security Infrastructure.

BNP Paribas Fortis needs a Web Application Firewall Security Expert to strengthen the Web Application Firewall squad, which works closely also with Cyber Defense to protect the company’s online banking applications.

Responsibilities

Direct Responsibilities

·         Building, testing, deploying, analyzing, administering, and maintaining enterprise F5 Platforms with a focus on Reverse Proxy, Authentication, Monitoring & Protection (RAMP) services

·         Configuring, conducting, and managing the F5  LTM module

·         Configuring and maintaining the F5 ASM module (security policies, updates, new applications integration…)

·         Develop, maintain and optimize customized F5 iRules and scripts

·         Assist application developers and enforce secure coding best practices.

·         Technical testing of significant maintenance, operational, upgrade activities and process enhancements/updates

·         Automating configuration and implementation activities

·         Design, deliver and support the integration layer between operating systems and business applications.

·         Integration of web application in the Web Infrastructure for the intranet as well as for the DMZ.

·         Share knowledge with colleagues on technology subjects, solutions, best practices on vendor specific and also on generic security components

·         Establish and document installations, guidelines, policies and procedures for relevant stakeholders.

·         Assist in production support (incident, problem and change management) for the Web Application firewall squad.

·         Assist architects in order to perform cost-benefit analyses of proposed Web implementations, enhancements and modifications.

·         Set and enforce compatibility and interoperability standards that ensure site accessibility for all users.

·         Monitor and report on Web site traffic and performance.

·         Participate in the industrialization of our assets

·         Participate in the On-Call calendar (7/7  18:00 – 7:30)

Contributing Responsibilities

·         Establish and document installations, guidelines, policies and procedures for relevant stakeholders.

·         Assist in production support (incident, problem and change management) for the Web Application firewall squad.

·         Assist architects in order to perform cost-benefit analyses of proposed Web implementations, enhancements and modifications.

·         Set and enforce compatibility and interoperability standards that ensure site accessibility for all users.

·         Monitor and report on Web site traffic and performance.

·         Participate in the industrialization of our assets

·         Participate in the On-Call calendar (7/7  18:00 – 7:30)

·          

Technical & Behavioral Competencies

Mandatory Skills

·         Strong knowledge on Web application firewalls, HTTP, TCP, SSL and PKI

·         Strong System administration experience with the F5 Big-IP Application Security Manager (ASM) and Local Traffic Manager (LTM) including tmsh and iRules

·         Strong experience in iRules development.

·         Experience in web vulnerability management.

·         Experience in (infra) automation with Python.

·         Experience in scripting languages such as Perl and Bash.

·         Generic knowledge on:  Web access management, anti-virus, firewalls, load balancers, networks and DMZ

·         Experience in technical documentation.

Good to have Skills

·         Strong experience in managing a complex WAF environment in the sector of financial services

·         Very good knowledge of REST based services and APIs

·         Experience in development and automation tools Ansible and Git.

·         Information Security related background

·         Familiar with DevOps methodologies and container technologies such as Docker

·         Familiar with an agile environment

Specific Qualifications (if required)

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Attention to detail / rigor

Ability to synthetize / simplify

Communication skills – oral & written

Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to set up relevant performance indicators

Ability to develop and leverage networks

Ability to develop others & improve their skills

Choose an item.

Education Level:

Master Degree or equivalent

Experience Level

At least 7 years

Other/Specific Qualifications (if required)

NA

Offers you may be interested in