We are looking for

Sr. Security Test Engineer

REF: TES001275

Job Description - APAC

Note to Hiring Manager:

In support of BNP Paribas APAC's Diversity Commitment, Hiring Managers are to consider at least 1 Asia Pacific national, 1 male and 1 female candidate for the position to be filled.

About BNP Paribas Group:

Worldwide, BNP Paribas has a presence in 74 countries with more than 190,000 employees. It has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. In Asia Pacific, BNP Paribas is one of the best-positioned international financial institutions with an uninterrupted presence since 1860. Currently with over 15,000 employees* and a presence in 14 markets, it provides clients with product and service solutions tailored to their specific needs, and continues to develop its franchise in the region.

About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas Group, a leading bank in Europe with an international reach. With delivery centers located in Mumbai and Chennai, we are a 24x7 global delivery center. We partner with various business lines of BNP Paribas, such as Corporate and Institutional Banking, Wealth Management, and Retail Banking, through three verticals: Information Technology, Operations and Finance Shared Services.

About Business Line/Function:

TCoE provides testing services for the BNP Paribas Group. The Security Testing team is responsible for executing Penetration Tests (Black or Gray Box) and SAST for the applications pertaining to the group.

Job Title:

Sr. Security Test Engineer







Business Line / Function:

Non Functional Testing – Security Testing

Reports to:


Harshal Raut


(if applicable)


Number of Direct Reports:


Directorship / Registration:


Position Purpose

The purpose of the position is to help with the security testing activities listed under Direct Responsibilities.


Direct Responsibilities

  • Perform penetration testing (Gray Box and/or Black Box) for Web applications; optionally for Thick Client, API, and mobile applications.
  • Understand the application's security requirements, and identify and document the scope of the test.
  • Ensure execution of the documented security scenarios for the application under test.
  • Document and report all findings.
  • Collaborate with the developers to help them understand the vulnerabilities reported in the application.
  • Escalate issues to the local management and onshore stakeholders in case they affect the testing progress.
  • Ensure the processes for the project are followed for the assessments.
  • Help review peers' work and mentor junior members in the team.
  • Optional: experience in Source Code Assessment (SCA)/SAST.

Contributing Responsibilities

Technical & Behavioral Competencies

  • Clear understanding of OWASP Top 10 - application security risks
  • Tools/OS: Burp Suite, OWASP ZAP, Kali Linux
  • Manual Security Testing & Analysis, Security Test Designing
  • Excellent interpersonal and presentation skills
  • Strong in verbal and written communication
  • Good analytical skills
  • Strong Time Management
  • Must be flexible, independent, self-motivated
  • Team player

Specific Qualifications (if required)

  • CSSLP/CEH or equivalent certification preferred

Skills Referential

Behavioural Skills: (Please select up to 4 skills)

Ability to collaborate / Teamwork

Attention to detail / rigor


Communication skills - oral & written

Transversal Skills: (Please select up to 5 skills)

Analytical Ability

Ability to develop and adapt a process

Ability to develop others & improve their skills

Ability to understand, explain and support change

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 3 years

Other/Specific Qualifications (if required)

Primary Location: IN-MH-Mumbai
Job Type: Standard / Permanent
Job: INFORMATION TECHNOLOGY
Education Level: Bachelor Degree or equivalent (>= 3 years)
Experience Level: At least 3 years
Schedule: Full-time
Reference: TES001275