GROUP BNP PARIBAS

BNP Paribas Group is the top bank in the European Union and a major international banking establishment. It has close to 185,000 employees in 65 countries. In Spain we are more than 5,100 employees within 13 business lines.

Spain IT Production

Spain IT Production organization consists of CIB ITO & ITG IT Platforms and is responsible for providing IT Production services to our Clients in EMEA, ensuring a Digital Market evolution, in a secured and performant environment, and with a reliable quality. IT Production organisation includes Infrastructure services, Telecom & Workspace, Production Security and Application Production domains and associated transversal services (CTO Office, Control Tower, PMO and IT Continuity). In Spain, IT Production relies on a Platform with over 400 experts that provide full-stack support services ensuring a secure, stable, standardized, and efficient production.

ABOUT THE JOB

MISSION

THE ROLE: WEB SECURITY POLICY AND AUTOMATION

As part of the Global Web Security team, you will work on two key initiatives:

Policy Sanitation and Optimization

Our WAF and Proxy environments have evolved over time, leading to accumulated rules that require rationalization. Your role will involve:

• Reviewing and analyzing existing security policies (filtering, authentication, SSL inspection) to identify redundancies, conflicts, or outdated configurations.
• Proposing and testing optimizations to improve security posture and operational efficiency.
• Documenting changes and ensuring alignment with BNP Paribas security standards and OWASP guidelines.

RESPONSIBILITIES

This work directly supports our 2026 roadmap to reduce complexity, minimize false positives, and enhance performance across our web security infrastructure.

Signature and Rule Automation

Manual updates to threat signatures and security rules are time-consuming and prone to delays. You will assist in:

• Developing scripts (Python/Bash) to automate the deployment of signature updates from vendors as well as optimize current workflows from our TOM.
• Testing and validating automated processes to ensure accuracy and reliability.
• Monitoring the impact of updates on false positive/negative rates and system performance.

By contributing to this initiative, you will help reduce manual workloads and improve response times to emerging threats.

Operational Support (Level 2)

In addition to project work, you will gain exposure to daily production security operations, including:

• Managing access requests and basic incident resolution in ServiceNow.
• Assisting in log analysis to troubleshoot issues (e.g., blocked legitimate traffic, misconfigured rules).
• Escalating complex cases to Level 3 support with clear documentation.

This experience will provide foundational knowledge of enterprise web security operations while supporting your work on the policy and automation roadmaps.

REQUIREMENTS

• Engineering school diploma or equivalent (required).
• Cybersecurity / Information Technology / Telecommunications degree or master’s (a plus).
• Demonstrated interest in cybersecurity, particularly in web application defense (blue-team mindset).

Experience

No prior experience required.

Languages

·         Fluent English (mandatory).

·         French (a plus).

·         Spanish (a plus).

SKILLS

• Technical

o    Preferred knowledge of:

§  WAF operations (F5 ASM) and Proxy operations (SkyHigh).

§  HTTP/HTTPS protocols and status codes.

§  OSI model, SSL/TLS, and ITIL frameworks (a plus).

o    Basic scripting (Python/Bash) is beneficial but not required—training will be provided.

• Transversal & Behavioral

Behavioral Skills

·         Collaboration: Ability to work with global teams across different locations.

·         Problem-solving: Adaptability to shifting priorities and continuous improvement initiatives.

·         Communication: Clear documentation and ability to explain technical concepts to non-experts.

BENEFITS

• Hybrid telecommuting model. 

• One vacation day per month worked (according to the duration of the agreement with the university).

• Meal allowance. 

Diversity and inclusion commitment

BNP Paribas Group in Spain is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity/paternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency, which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.