Web Security and Authentication Engineer

 About BNP Paribas India Solutions:

Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union’s leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.

About BNP Paribas Group:

 BNP Paribas is the European Union’s leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group’s commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability

Commitment to Diversity and Inclusion

At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.

 About Business line/Function:

BNP Paribas IT teams are providing infrastructure, development and production support services to all applications used worldwide by all business lines. There is a great variety of technologies and infrastructures from legacy systems to cutting edge Cloud technologies.

 Within BNP Paribas Group IT, the filiere “FORTIS” oversees operationally to the challenges of IT applications with an end-to-end vision and consistently across the Bank. Several domains of these filiere contribute to this, including the domain “Service Offering DevOps”, which provides the DevSecOps platform for IT Group, Control Center, DB Activities and move to Cloud project.

 BNP Paribas Fortis is a bank that is responsible and socially committed. The environment, diversity, cultural support, sponsorship... Through various and concrete ways, we are dedicated to meeting our customers’ expectations and proud to demonstrate our values: responsible, human, innovative and enthusiastic.

 Job Title:

Web Security and Authentication Engineer

Date:

May 2024

Department:

BNPP ITG

Location:

Chennai

Business Line / Function:

FORTIS

Reports to:

(Direct)

BNPP

Grade:

(if applicable)

(Functional)

ITGP/FORTIS

Number of Direct Reports:

Directorship / Registration:

NA

Position Purpose

The Web Security and Authentication squads within IT Middleware Services Tribe will work together with the existing Web Infrastructure Tooling & Hosting, Web Design and Secure Gateways squads for the technical design, installation, set-up, industrialization, management, support and documentation of the BNP Paribas Fortis Web Security Infrastructure

BNP Paribas Fortis needs Web Security Engineers to enforce the Web Securitization and Authentication squad.

Responsibilities

 

Direct Responsibilities

 The mission has different aspects:

 ·         Design, deliver and support the integration layer between operating systems and business applications within distributed environments for Web information exchange solutions.

·         Focuses on the integration of web applications in the Web Infrastructure, for the intranet as well as for the DMZ.

·         Deploy and maintain a consistent and complex Web site infrastructure

·         Help to identify, recommend, and prioritize new Web features in conjunction with application developers and architects.

·         Ability to challenge new and existing solutions, architectures and defend it towards the interest of the bank (maintenance, costs, security,…)

·         Identify reusable components required for Web Security and ensure the high quality of the service.

·         Share knowledge with colleagues on technology subjects, solutions, best practices on vendor specific and also on generic security components

Contributing Responsibilities

·         Establish and document installations, guidelines, policies and procedures for relevant stakeholders.

·         Assist architects in order to perform cost-benefit analyses of proposed Web implementations, enhancements, and modifications.

·         Active participation in production support (incident, problem and change management) for the Web Security squad.

·         Set and enforce compatibility and interoperability standards that ensure site accessibility for all users.

·         Monitor and report on Web site traffic and performance.

·         Participate in the automation and industrialization of our assets

·         Participate in the On-Call calendar (7/7 from 18:00 – 7:30)

·         Work on-site  (3-4 days)

Technical & Behavioral Competencies

Mandatory Skills

·         Proven experience with reverse proxies, Webseal, ISVA or similar

·         Proven experience with following Web technologies:

·         TAMeB

·         ISAM/ISVA (as from version 9and modules: AAC, Infomap, Federation)

·         Good and proven knowledge on:  Web access management,  Web authentication practices, SSL/TLS( and mutual auth.), SSO, Identity Federation,  PKI, certificates, OpenID Connect, OAuth 2.0, SAML 2.0, External Authentication Interface on WebSEAL

·         Practical knowledge of Oauth and OIDC protocols

·         Strong coding experience : Java, Python; Javascript server side (Rhino JS) are example of used languages & Ability to understand and translate existing code sources

·         Good knowledge on:  XML/XSLT

·         Generic knowledge on: firewalls, application firewalls, load balancers, networks, DMZ, network security, anti-virus

·         Knowledge in web and application servers including Apache and Websphere,

Experience with support on e-Commerce, intranet and extranet development

Good to have Skills

·         Security Token Service (STS) and/or TFIM experience + SOAP and WS-Trust knowledge

·         Recent successful proven experience in similar/comparable scope

·         Strong experience in security of Web Infrastructure in financial services

·         Basic Shell scripting (automation of curl commands i.e)

·         Familiar with DevOps methodologies and container technologies such as Docker

·         Familiar with an agile environment

·         Demonstrated team player with strong and effective customer care skills.

·         Quick self-starter, pro-active and innovative attitude.

·         Open minded and show flexibility in self-learning new technologies/tools.

·         Good analytical and synthesis skills.

·         Process-oriented with high attention to detail.

·         Effective oral and written communicator to both management and technical staff

·         Autonomy, commitment, and perseverance.

·         Ability to work in a dynamic and multicultural environment.

·         Flexibility (in peak periods extra efforts may be required).

·         Stress resistant

Specific Qualifications (if required)

 

Skills Referential

   

Behavioural Skills: (Please select up to 4 skills)

   

Ability to collaborate / Teamwork

   

Attention to detail / rigor

   

Ability to synthetize / simplify

   

Communication skills - oral & written

   

Transversal Skills: (Please select up to 5 skills)

   

Analytical Ability

   

Ability to set up relevant performance indicators

   

Ability to develop and leverage networks

   

Ability to develop others & improve their skills

   

Choose an item.

   

Education Level:

Master Degree or equivalent

   

Experience Level

At least 7 years

   

Other/Specific Qualifications (if required)