Production Security – OWASP & Scanning

July 9, 2024

Production Security – OWASP & Scanning

Reference12349585

  • Permanent
  • IN-Maharashtra-Mumbai
  • INFORMATION TECHNOLOGY
Apply for this job

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24×7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

About BNP Paribas Group:

 BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group’s performance and stability

 

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

About Business line/Function:

CIB ITO Production ensures the provision of industrialized and digital production services. The objective is to offer innovative products and services to its customers in a performing, global and secured environment in order to speed up delivery and time to market. CIB ITO Production manages operational risk by running stable and robust IT production platforms. CIB ITO production hosts critical service delivery scope comprising of Global Markets, Global Banking, Client & Experience, BP2S and Production Security.

Job Title:

IT Security Professional

Date:

Department:

ISPL IT Production

Location:

Mumbai

Business Line / Function:

Production Security

Reports to:

(Direct)

Grade:

(if applicable)

(Functional)

Number of Direct Reports:

NA

Directorship / Registration:

Position Purpose

The team in INDIA is currently looking for an IT Security Professional, within the Security Scans teams.

The new joiner will work on Security & Compliance scans for Internet facing assets, Intranet application, Intranet servers and all infrastructures including container, Firewall, Proxy etc. assets across Asia-Pacific.

The new joiner will not only perform day-to-day scan and follow-up of the remediation, but also onboard new assets and look into improving the reporting.

Excellent communication & presentation skills will be needed, to help any involved party understanding the risk.

 

Given the diversity of activities, the new team member will have the opportunity over time to expand their knowledge & responsibilities on the other topics managed by the teams.

Responsibilities

Direct Responsibilities

  1. Perform day-to-day Security & Compliance scans, follow-up on the remediation.
  2. Communicate with internal party to raise awareness and maintain the response time.
  3. Coordinate with Global teams on the Vulnerability Management topic.
  4. Reporting and presenting the reports to the stake holders.

Contributing Responsibilities

  1. Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan
  2. Contribute to Internal Audit response activities.
  3. Comply with regulatory requirements and internal guidelines.
  4. Contribute to improvement of tools used by Production Security to follow-up on the Security Incidents

Technical & Behavioral Competencies

·       OWASP methodologies application is a mandatory.

·       2 – 4-year experience in IT Security minimum

·       University degree, preferably in Computer Science with spec. in IT Security

  • Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex technical issues in an easily understood manner.

·       Curious and highly implicated in IT Security

·       Team player

·       Experience working in an international and complex financial environment, dealing with both business constraints and IT users across countries.

·       Good knowledge of Security scanning tools like Qualys, Nexpose, Appspider is highly appreciated along with good understanding of Kubernetes.

·       Experience in a multi-cultural environment is appreciated.

·       CEH or Any Security certifications are appreciated.

·       Experience in Development languages and scripting is appreciated.

Specific Qualifications (if required)

 

No specific diplomas or certifications are mandatory. However, the candidate must be an expert in their domain. Interview level will sort this out.         

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Organizational skills

Adaptability

Critical thinking

Transversal Skills: (Please select up to 5 skills)

Ability to understand, explain and support change

Ability to anticipate business / strategic evolution

Ability to manage / facilitate a meeting, seminar, committee, training…

Ability to inspire others & generate people’s commitment

Ability to develop and leverage networks

Education Level:

  Bachelor Degree or equivalent

Experience Level

At least 2 years

Other/Specific Qualifications (if required)

NA

      

Offers you may be interested in