IT Production Security – Data Protection BNP Paribas

March 7, 2023
Employment contract
Standard / Permanent
Job / Mission
Apply for this job

  1. Business Overview

The BNP Paribas Group is one of the largest international banking networks, with a presence in 72 countries. The organisation is an international financial services group, with in excess of 202,000 employees with solid roots in Europe, a significant and growing presence in the Americas as well as a solid and fast-growing business in Asia-Pacific.

The BNP Paribas Group is organised around two main activities: Retail Banking & Services and Corporate & Institutional Banking (CIB).

BNP Paribas works daily with all its stakeholders to create an environment that is respectful of everyone, based on equality, and where fighting discrimination represents a primary goal. Our teams in CIB ITO Production strongly supports these values, and in particular aims at increasing women’s representation, as well as maintaining an inclusive workplace. Women are a valuable asset for our organization, and we strongly encourage them to join our professions. We will always keep a close and mindful watch on discrimination, but also to challenge the unconscious bias and stereotypes.

MADRID IT Platform

The CIB IT Platform for EMEA is responsible to provide IT Services to our Clients ensuring a Digital Market evolution, in a secured and performant environment, and with a reliable quality. This function includes Global Markets Application Production, Local Territory IT Development, the Core Infrastructure environment including Datacentres, Application Production, Security, Architecture as well as elements of the Global Services organisation.

  1. Context and Role summary

The “Production Security” Domain is part of the Corporate & Institutional Banking Information Technology & Operations (CIB ITO) of BNP Paribas. Within this domain, “Defense Team” has a relevant role.

Production Security and CyberDefense Teams are providing Security Services for CIB. Production Security is in charge of all the Security aspects linked to Production (=Protect Production; IAM, Network Security, CSIRT, DRP, DLP, Vulnerabilities …), whereas CyberDefense will identify weaknesses, perform Risk Assessment and PenTests.

The Security Engineer is part of the Production Security Team. She/he is in charge of maintaining and improving the level of the security of the infrastructure by focusing on Data Protection topics.

  1. Position – Key Accountabilities

The candidate will have a first experience or specialized diploma focused on Data Protection. The candidate must be expert on “IBM Guardium” or “Varonis” tool (Varonis is preferred). The candidate will also ideally have experience in the following areas:

  • Ability to work in an international context (English spoken mandatory)
  • Ability to work within a team divided into different physical locations (UK, France, Spain)
  • Maintain the IBM Guardium and Varonis tool up to date and in working conditions.
  • Follow the deployment of the tools :
    • For Guardium : DAM (already deployed) + Discovery Module (contact with applicative teams, planification of the changes, apply the prerequisites on servers, ensure the reporting is working well, update the agents, handle monitoring alerts…).
    • For Varonis : Datadvantage (already deployed) + DCE + DatAlert Modules (contact with NAS teams, planification of the changes, apply the prerequisites on servers, ensure the reporting is working well, handle monitoring alerts…).
  • Experience on a DLP tool (Symantec/Broadcom is a plus) to manage L2 actions like :
    • Keep the tool up to date and in working conditions.
    • Investigations in case of problems raised by users.
    • Manage the relation with vendor (through tickets).
  1. Professional Skills, Abilities and Experience


  • Expert on IBM Guardium or Varonis Tool (you will be trained on the tool you did not know).
  • First experience in a large company (>6months) as data protection role.
  • Well-versed in security best practices
  • Strong technical background in IT security is necessary
  • Customer service oriented skills


  • System administration skills (Linux/Windows Servers)
  • Network administration background/knowledge
  • SQL, Microsoft SSRS (SQL Server Reporting Services)
  1. Personal Attributes
  • Attention to detail
  • Ability to work on several incidents/subjects and keep these on-track simultaneously
  • Understanding of operational risk and control framework
  • Integrity
  • Ability to remain impartial to ensure that risks/issues are highlighted to CIB Production Security Management
  • Can do attitude & Proactive approach
  • Strong problem solving skills
  • Good interpersonal and communication skills
  • Eager to learn
  1. Languages & Qualifications


  • High English spoken and written fluent (B2/C)
  • French spoken and written will be valued


  • Bachelor in Computer Science or equivalent
  • ITIL Foundation certificate will be desirable
  1. Others
  • On Site Services: From 9:00 to 18:00 schedule to cover in weekly shifts of 8 working hours/day
  • Public Holidays: Team members have to cover all public holidays except 1st January and 25th December (2 persons only in shifts)