ITG-Security Tester

About BNP Paribas Group:

BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centred on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24×7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions.

About Businessline/Function :

ITG provides testing services for the BNP Paribas Group. The Non-Functional Testing – Security testing team is responsible to execute SAST/SCA, SAT aka Gray Box assessment, Penetration Tests for the applications pertaining to the group

Job Title:

Security Test Engineer

Date:

18-Apr-2023

Department:

ITG

Location:

Mumbai/Chennai

Business Line / Function:

Non Functional Testing – Security Testing

Reports to:

(Direct)

NA

Grade:

(if applicable)

(Functional)

Number of Direct Reports:

NA

Directorship / Registration:

NA

Position Purpose

The purpose of the position is to help with the security testing activities mentioned in the direct responsibilities

Responsibilities

Direct Responsibilities

–       Perform SAT aka Gray Box and/or Penetration testing on web, API, thick client or Mobile (iOS, Android) applications

–       Analyse application security requirements and create security tests for the application

–       Document and report all findings

–       Escalate issues to the local management and onshore stakeholders in case it affects the test progress

–    Ensure processes for the project is followed for the assessments

Note:

–    Experience in Source Code Assessment (SCA)/SAST will be an added advantage

Contributing Responsibilities

Technical & Behavioral Competencies

–       Excellent Inter personal and presentation skills

–       Strong Time Management

–       Strong in verbal and written communication

–       Clear understanding of OWASP Top 10 – application security risks

–       Tools/OS: Burp Suite, OWASP ZAP, Kali Linux

–       Manual Security Testing & Analysis, Security Test Designing

–       Must be flexible, independent, self-motivated

      –       Good analytical skills

Specific Qualifications (if required)

–       CSSLP/CEH or equivalent certification preferred

                                            

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Attention to detail / rigor

Adaptability

Communication skills – oral & written

Transversal Skills: (Please select up to 5 skills)

Choose an item.

Choose an item.

Choose an item.

Choose an item.

Choose an item.

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 3 years

Other/Specific Qualifications (if required)

               

NA