Network Security Engineer
This Position will be based in Geneva
The Production Security manages operational security for BNP Paribas IT Production Hub in Switzerland. The maturity and performance levels of these production services are constantly measured and targeted for continuous improvement. This performance relies on robust processes, highly skilled security engineers and experts in our production domains, who are proactive and have a critical perspective. Quality, excellence, and a forward-looking vision are at the core of our Production Security values to support security developments and the transformations of the IT department.
Within the Production Security service, one team is particularly at the crossroads of key project challenges. The Network Security team is responsible for this domain by maintaining, evolving, and adapting our framework in terms of architecture, network security, and its firewall components, IDS/IPS, WAF, user and business proxies. The team is also a key contributor to the technical architecture designs provided by the projects.
The collaborator will be involved upstream in projects during the definition of the technical architecture, the opening and validation of data flows (firewall, proxy), up to the control stage. The collaborator will also intervene in key projects led by the team, such as micro-segmentation or proxy security, all while prioritizing operational improvement and customer service.
YOUR WORK DAY
Infrastructure and application Security
- Project support: propose secure solutions that meet needs while adhering to the Group’s security standards
- Major and driving contribution to the domain’s evolution projects (examples: firewall, micro-segmentation, Internet browsing, automation, IDS/IPS, WAF)
- Configuration and installation of flows related to infrastructures
Firewall Production - reverse-proxy – application firewall –socks proxy – IPS probe
- Project support: propose secure solutions that meet needs while adhering to the Group’s security standards
- Production tasks: implementation of rules on security elements
- Automation / industrialisation of various business-as-usual activities (example: scripting)
YOUR PROFILE & SKILLS
Professional Skills:
- Good knowledge of secure 3-tier application architectures
- Knowledge in the field of securing Web application traffic
- Knowledge of IT threats (viruses, ransomwares, worms, spywares, APT, data breaches, etc.).
- Proficiency in the configuration, integration, and operational maintenance of IDS/IPS
- Scripting, automation culture
- Ability to report on constraint analysis and possibilities to a non-technical audience.
- Strong knowledge of security (best practices, monitoring, compliance, security awareness, etc.)
- Experience in banking environment is appreciated.
Technical Skills:
- ISCO IDS/IPS and Checkpoint technologies
- Checkpoint, Fortinet Firewall
- Skyhigh Proxy (ex-McAfee)
- F5
- Good network knowledge (switch, router)
Interpersonal Skills:
- Solution-oriented
- Initiative-taking
- Ability to step back and be responsive.
- Adaptability and prioritization skills
- Analytical skills and attention to detail
- Exemplary attitude and good interpersonal relations
- Being proactive and offering suggestions
Languages:
- French: fluent
- English: good level in documentation writing and oral communication
Desired experience and education:
- Engineer or Master’s degree in Computer Science with at least 8 years of experience in security, including experience in production roles
In a changing world, diversity, equity and inclusion are key values for the well-being and the good performance of teams. At BNP Paribas, we wish to welcome and retain all talents, without any distinction: together we will build the finance of tomorrow, innovative, responsible and sustainable.
Finally, we insist on the particular importance of having our employees act daily in a spirit of ethical and professional responsibility.
NB: all terminologies apply in both the feminine and the masculine.