Job Title: Cyber Security Engineer

Department: ITG CDF CISO Bureau Competency Center

About Business line/Function: CDF – CISO BUREAU is a unit which making sure that CISO key objectives are in line with Group strategy.

Position Purpose: As a cyber engineer you will join a Cyber Digital & Fraud security team, CDF is the central Cybersecurity department of the group BNPP.

Your role will consist of maintaining the security of applications for a wide range of applications by performing the application security review.

Responsibilities

Direct Responsibilities

·         Perform the security review of applications according to the Group requirements

·         Support teams in implementing cybersecurity measures in assets

·         Analyze the security reports produced by scanners and intrusion tests

·         Assistance in establishing vulnerability remediation plans

·         Follow-up of remediation plans for non-compliances and vulnerabilities

·         Provide IT & Cyber risk management (IT, Cyber,..) advisory and guidance to the stakeholders involved

Contributing Responsibilities

·         Prepare reports, risk measures and the relevant management information

·         Contribute towards the identification of KPIs for the Operational Resilience Dashboards. Publishing the dashboard on regular basis.

·         Support IT teams in implementing cybersecurity measures in assets

·         Contribute to overall department and ISPL Vision goals as directed by Dept. head and Manager

·         Build a thorough understanding of Global Cybersecurity posture of the Bank in order to provide high impact risk analysis to protect the firm.

·         Contribute to classify the applications based on data confidentiality, integrity, availability and traceability, to obtain an end-to-end view of the most critical IT assets/sensitive data.

·         Contribute towards the identification of KPIs for the Operational Resilience Dashboards. Publishing the dashboard on regular basis.

Technical & Behavioral Competencies

·         Functional Skills

o    Experience in IT Risk and Cyber Security domains in a financial institution demonstrating a high-level of commitment and self-motivation.

o    Experience in IT domains

o    Knowledge of Applications Security

o    Strong demonstrated knowledge of cybersecurity, cyber risk and cyber threats 

o    Risk knowledge and awareness of risks combined with enthusiasm and a genuine interest in the role of Risk Assessment, Risk Analysis in business and providing Risk Opinion as a subject matter expert. 

o    Working knowledge of global threats to international cyber security, 

o    Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate. 

o    IT knowledge

·         Technical Skills:

o    Good understanding of organizations and IT Businesses

o    Good technical understanding of infrastructures and IT Security Productions and Systems

o    IT risk analysis and management methods

o    Knowledge of Cyber Resilience, IT continuity and business continuity

o    GRC - Governance, Risk Management and Compliance Management.

o    Should have worked with Risk Management Tools

o    Network protocols and network connectivity concepts; Firewall and Internet technologies; Cloud Security, Banking Tools & Technologies. 

o    Secure access control mechanisms; Encryption and Key management technics

·         Behavioral Skills:

o    Ability to collaborate / Teamwork

o    Client focused

o    Strong Communication, Analytical and problem-solving skills.

o    Proven organizational skills with excellent multi-tasking, result oriented and prioritization skills

o    Good documentation and reporting skills

o    Ability to work independently

o    Strong communication and interpersonal skills, able to communicate and relate easily with IT, Finance and back-office users

o    Attention to details and accuracy

o    Self-discipline

Specific Qualifications:

·         One or more Industry-recognized information Security certifications such as CISSP, CISA, GCCC, CISM, CRISC, CEH, OSCP or Security+.

·         IT Security tools like Firewalls, IPS, WAF, Endpoint protection, Network security, etc. 

·         IT Auditing (ISO27001, ISO27005)

·         Regulatory Compliance

Skills Referential (Required knowledge, skills and abilities)

Behavioral Skills:

·         Attention to detail / rigor

·         Ability to deliver / Results driven

·         Creativity & Innovation / Problem solving

Transversal Skills: 

·         Analytical Ability

·         Ability to manage a project

·         Ability to understand, explain and support change

Education Level: Bachelor’s degree or equivalent with at least 2 years of experience.

Location: Mumbai

About BNP Paribas Group:

BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialized businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.