About BNP Paribas Group:

BNP Paribas Group is a leading European bank with a strong global footprint across 72 markets and more than 202,000 employees. The Group provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas Group, a leading bank in Europe with an international reach. With delivery centers located in Mumbai and Chennai, we are a 24x7 global delivery center. We partner various business lines of BNP Paribas such as Corporate and Institutional Banking, Wealth Management, Retail Banking through three verticals - Information Technology, Operations and Finance Shared Services.

About Business line/Function:

CDF – CISO BUREAU is a unit which making sure that CISO key objectives are in line with Group strategy.

Job Title:

Cyber Security Engineer

Date:

Department:

CDF/CISO bureau

Location:

Mumbai

Business Line / Function:

ITG

Reports to:

(Direct)

Grade: 

(if applicable)

(Functional)

Number of Direct Reports:

Directorship / Registration:

NA

Position Purpose

The main responsibility of Cybersecurity personnel is to develop and implement integrated solutions in the IT risk management policy approach. 

Responsibilities

• Receive, triage, and approve remote access tickets (VPN, ZTNA, SSC).

• Maintain the Access Exception Register for out of policy connections and enforce remediation timelines.

• Validate environment specific access (Dev/Test/Prod) with application owners.

• Continuously monitor remote session logs, flag anomalies, and trigger incident response.

• Produce weekly/monthly KPI dashboards (request to grant time, exception ageing, usage trends).

• Create & maintain Resource Groups – the technical catalogue of infrastructure assets that can be granted privileged rights.

• Define Rolesthat map one or more Resource Groups to a logical business function (e.g., “Finance 

  Payments Prod”).

• Onboard/ off board Users – assign Roles to identities based on role based access control policies, ensuring “least privilege”.

• Process entitlement change requests through the IGA platform (SailPoint, Saviynt, etc.) and hand off approved changes to the CyberArk team for credential provisioning.

• Lead quarterly Role Attestation/Recertification cycles with line of business managers.

• Keep a complete audit trail of role to resource & role to user mappings, approvals, and revocations.

Technical & Behavioral Competencies

Functional Skills

· Serve as the liaison between IAM, Service‑Now/ITSM, Application owners, and the CyberArk PAM team.
• Participate in security incident response for remote‑access or privileged‑access breaches.
• Contribute to policy updates (Remote‑Access Policy, PAM Standards, RBAC Design Guidelines).

· Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate; 

· IT knowledge

Technical :

• Remote access concepts (VPN, ZTNA, MFA, conditional access).

• IAM/IGA fundamentals – RBAC, ABAC, entitlement lifecycle, least privilege.

• Experience with at least one IGA platform (SailPoint, Saviynt, One Identity, IBM Security Verify Governance, etc.).

• Basic scripting/automation (PowerShell, Python, Bash) for repetitive tasks.

Behavioral :

- Strong Communication, Analytical and problem-solving skills.

- Proven organizational skills with excellent multi-tasking, result oriented and prioritization skills

- Good documentation and reporting skills

- Ability to work independently

- Strong communication and interpersonal skills, able to communicate and relate easily with IT, Finance and back office users

-          Good communication, technical writing/diagramming skills

- Attention to details and accuracy

- Capacité for créativité and innovation

- Self-discipline

Specific Qualifications (if required)

· Bachelor’s in Computer Science, Information Security, Business Information Systems, or related field.

· Certifications such as CISSP, CISM, CompTIA Security+, Certified Identity & Access Manager (CIAM) are a plus.

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Communication skills - oral & written

Attention to detail / rigor

Ability to deliver / Results driven

Creativity & Innovation / Problem solving

Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to manage a project

Ability to understand, explain and support change

Ability to develop and adapt a process 

Ability to anticipate business / strategic evolution

Education Level: 

 Bachelor Degree or equivalent

Experience Level

At least 5 years

Other/Specific Qualifications (if required) CISSP, CISM, CompTIA Security+, Certified Identity & Access Manager (CIAM) are a plus.