The bank for a changing world

We are looking for

Junior Penetration Testing & Red Team analyst

Apply REF: IT-060919-001-CR

REPORT TO 
Cyber Defense Manager

MISSION AND OBJECTIVES

The Junior Penetration Testing & Red Team analyst develops and implements offensive cyber tests based on current threat intelligence and assists senior analysts with running vendor penetration tests.

MAIN RESPONSIBILITIES

• Develop and implement offensive cybersecurity tests to validate the completeness and effectiveness of cybersecurity controls for operating systems, databases, middleware, network devices, and applications.
• Assist senior team members in executing penetration tests conducted either with either staff or vendors.
• Assist senior team members with executing phishing campaigns, mature the process to provide increased visibility for non-technology leadership, and start building the center of excellence for this capability with off-shore staff supporting the North American team.


TRAINING AND OCCUPATIONAL EXPERIENCE

Minimum Qualifications
• Either of the following:

• Minimum 2 years in an Information Technology or Information Security technical role;
• A bachelor’s degree from an accredited college or university in Computer Science, Computer Engineering, Electrical Engineering, or Computer Security; or
• Have held either the ECSA or OCSP certifications.

Preferred Qualifications
• 2 of the above minimum qualifications
• Have held one or more of the following certifications (does not need to be current as long as the candidate can fully leverage these skills): CISSP, GCED, OSCP, LPT, ECSA, RHCE, CCNP, or MCSA Win Server 2012/2016+.

ESSENTIAL SPECIFIC REQUIREMENTS

Minimum Qualifications
• An ability to analyze threat actor TTPs at a highly detailed and technical level and then examine the controls and develop then execute tests of those controls.
• Understanding of the basics of networking, Windows, Linux, and application development.
• Strong critical thinking and analysis skills as well as the written/verbal communication skills necessary to organize and concisely convey complex technical & tactical topics.
• The ability to write basic code in C, C++, Java, or Python.  The ability to write scripts in python, PowerShell, and bash.
• Experience doing some type of offensive cyber pen testing through a dedicated lab environment.
• Basic familiarity with at least one major pen testing framework.

 
Preferred Qualifications
• Understanding of the concepts in series ‘Windows Internals’, 7th edition.
• Experience doing some type of offensive cyber tasks professionally.
• Intermediate level familiarity with at least one major pen testing framework

• Bilingual : English and French

A recruitment policy that promotes equity and diversity:

Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.

We pride ourselves in applying non-discrimination rules to all our recruitments.

We will only contact the candidates selected who meet the job requirements in terms of training and experience.

About BNP Paribas

BNP Paribas is a leading bank in Europe with an international reach. It has a presence in 73 countries, with more than 195,000 employees, including more than 148,000 in Europe. The Group has key positions in its three main activities: Domestic Markets and International Financial Services (whose retail-banking networks and financial services are covered by Retail Banking & Services) and Corporate & Institutional Banking, which serves two client franchises: corporate clients and institutional investors. The Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realise their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, the Group has four domestic markets (Belgium, France, Italy and Luxembourg) and BNP Paribas Personal Finance is the leader in consumer lending. BNP Paribas is rolling out its integrated retail-banking model in Mediterranean countries, in Turkey, in Eastern Europe and a large network in the western part of the United States. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas also enjoys top positions in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific.

About BNP Paribas in Canada

In Canada, BNP Paribas is one of the dominant foreign banks in the country and is committed to building its platform even further. Since becoming the operational hub for the Group’s activities in North America in 2013, it has grown significantly to reach more than 700 employees and is expected to continue growing in the coming years. With the continued development of technology and financial fields, BNP Paribas Canada continues to attract experts with diverse backgrounds as well as young and ambitious talent from across the globe. With the international mobility and capacity that very few companies can offer, BNP Paribas prides itself in providing a superior foundation for building a professional career - a place for people to learn, to achieve and grow.

Primary Location: CA-QC-MontréalJob Type: Standard / PermanentJob: INFORMATION TECHNOLOGYEducation Level: Bachelor Degree or equivalent (>= 3 years)Experience Level: At least 2 yearsSchedule: Full-time Behavioural competency: Ability to collaborate / TeamworkTransversal competency: Analytical Ability