Networks Security BNP Paribas (#MITP)

September 11, 2023
Contrato de trabajo
Puesto de trabajo / Misión
Solicitar este trabajo

I.               Business Overview

The BNP Paribas Group is one of the largest international banking networks, with a presence in 72 countries. The organisation is an international financial services group, with in excess of 202,000 employees with solid roots in Europe, a significant and growing presence in the Americas as well as a solid and fast-growing business in Asia-Pacific.

The BNP Paribas Group is organised around two main activities: Retail Banking & Services and Corporate & Institutional Banking (CIB).

CIB IT Platform

The CIB IT Platform for EMEA is responsible to provide IT Services to our Clients ensuring a Digital Market evolution, in a secured and performant environment, and with a reliable quality. This function includes Global Markets Application Production, Local Territory IT Development, the Core Infrastructure environment including Datacentres, Application Production, Security, Architecture as well as elements of the Global Services organisation.

II.            Context and Role summary

The “Production Security” Domain is part of the Corporate & Institutional Banking Information Technology & Operations (CIB ITO) of BNP Paribas. Within this domain, “Network Security (Secprod)” has a relevant role …

IT Security Operations is part of the IT Risk function to ensure the availability, integrity, confidentiality and audit of the data. This encompass the responsibility of the level of the infrastructure by making sure security principles are applied on the network and on the users extended right with a monitoring and control setup in place.

The IT Security Operations review and assess the architecture in term of network and applications, approve and implement the rules on the firewalls, and are the security expert involved in the metier and infrastructure projects


III.         Position – Key Accountabilities

The jobholder will be mainly in charge of maintaining and improving the level of the infrastructure with the management of the firewalls, Socks Proxies and its related components and the architecture review.

Specific workflows, change requests and controls are in place for the audit and traceability purposes.

His main tasks are, but not limited to:

·       Administration of the firewalls : policies implementations, daily houseclean up, regular rules review for clean-up, support for incident,

·       Use of firewalls tools such as Tufin SecureTrack/SecureChange: optimize the usage of tool options; set regular report for daily clean-up and rules usage

·       Administration of Socks Proxies for specific internet accesses

·       Manage the workload to a reasonable level

·       Propose Architecture or tools improvements based on daily events noticed.

·       Oncall duty first layer

·       Support IT production teams on security best practice

·       Assessment of infrastructure and applications; make sure security model and security principles are followed on the application level, on the network level, between inter and intra DMZs.

·       Could work on Team internal  IT Projects

·       Be up-to-date with new trend and technologies in Security area.

IV.         Professional Skills, Abilities and Experience


The ideal candidate has a strong security background on the following points:

·       Strong skills and working knowledge of Checkpoint suite (manager and firewall)

·       Strong skills and working knowledge of Fortinet suite (manager and firewall)

·       Skills and working knowledge of Tufin SecureTrack/SecureChange

·       Strong knowledge on TCP/IP, LAN, WAN and security network principle, compliance network rules

·       Strong technical background in IT security is necessary since Security Equipment configuration can directly impact the security of the Bank

·       Experience in Security Best practices, in network threat and vulnerabilities

·       Certifications on the Security technologies are appreciated.

·       1 to 3 years’ experience working in IT infrastructure environments.


·       Knowledge of Unix system (e.g. Solaris) and Windows

·       Knowledge of SecurID and ACE Server and HSM

·       Knowledge of WAF

·       Knowledge of IDS and IPS

·       Knowledge on scripting

V.            Personal Attributes

·       ‘Can do’ attitude

·       Proactive and pragmatic approach with a strong ability to work on own initiative

·       Ownership of work and commitment to delivery

·       Strong problem solving skills

·       Ability to operate with demanding Senior IT Management

·       Team oriented

·       Good interpersonal skills

VI.         Languages & Qualifications


·       High English spoken and written fluent (B2/C)

·       French spoken and written will be valued


·       Bachelor in Computer Science or equivalent

·       ITIL Foundation certificate will be desirable

VII.       Others

·       On Site Services: From 8:00 to 20:00 schedule to cover in weekly shifts of 8 working hours/day

·       On Call Services: Out of regular schedule, we provide On Call services (out of business hours) to be covered in weekly shifts by team members.

·       Public Holidays: Team members have to cover all public holidays except 1st January and 25th December (4 persons only in shifts)