MANAGER - IT SECURITY (JOB NUMBER: CIB007165)
BNP Paribas is a top-ranking bank in Europe with an international profile. It operates in 71 countries and has almost 199 000 employees. The Group ranks highly in its three core areas of activity: Domestic Markets and International Financial Services (whose retail banking networks and financial services are grouped together under Retail Banking & Services) and Corporate & Institutional Banking, centred on corporate and institutional clients. The Group helps all of its clients (retail, associations, businesses, SMEs, large corporates and institutional) to implement their projects by providing them with services in financing, investment, savings and protection. In its Corporate & Institutional Banking and International Financial Services activities, BNP Paribas enjoys leading positions in Europe, a strong presence in the Americas and has a solid and fast-growing network in the Asia/Pacific region.
About BNP Paribas India Solutions:
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, a leading bank in Europe with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 6000 employees, to provide support and develop best-in-class solutions.
About Business line/Function : Information Security and BCM
Information security and BCM team are responsible to perform the security assessment of all new/existing infrastructure and application projects. Also, responsible to assess business continuity requirement of each team and project based on the criticality and streamline the process to achieve the requirement.
Business Line / Function:
Information Security and BCM
Number of Direct Reports:
Directorship / Registration:
The missions of the IT SECURITY MANAGER covers all or part of the three major security activities for his (her) area:
- Information Systems (IT) security
The missions of the IT SECURITY MANAGER extend to the India territory (with a few minor exceptions), in accordance with the policy defined by the BNP Paribas Group:
- Take part in Implementing the Global Security strategy
- Perform management of Global Security for India Territory
- Perform Stakeholder Management of all key departments/entities
Key Responsibilities
- Analyze systems, protocols, interactions, and data to identify and response to active security threats in the environment.
- Collect, analyze, and report on malicious software and phishing messages targeting internal assets to understand the capabilities and indicators of compromise.
- Create and improve upon existing response, triage, containment, and recovery processes.
- Continually monitor for policy violations or incidents and actively participate in remediation
- Prepare documentation for technical controls and processes associated with information security solutions
- Work closely with other technology personnel to ensure the security of the environment and remediation of security events
- Perform IT Security Awareness and Trainings
- Be a Team Player and manage a team of IT Security professionals
Main Activities
- Perform regular IT Security reviews of all IT assets
- Work on IT Security analysis and exceptions on a case-by-case basis
- Assist end-to-end in Internal Audits, Regulatory Audits, External Audits
- Engage in Cyber Drills, Red Team exercises
- Support in the execution of Internal Risk Controls
- Perform Firewall Rule reviews
- Engage in Cybersecurity projects, Application Security Reviews, etc.
- Conduct IT Security reviews of Data Centers, Bank Branches, Workstations
- Perform Risk Assessments on new & exiting business solutions, infrastructure setup & applications
- Write Standard Operating Procedures in a structured format
- Follow-up on closure of findings/observations from Secure Code Reviews & Penetration Testing,
- Follow-up with IT Teams on Patching, Anti-Virus Updates, removal of non-standard assets, asset hardening, etc.
- User Access Management such as removal of Toxic Access Combinations, removal of elevated privileges,
- Extended knowledge of end-to-end IT Security concepts
- Good communication, technical writing/diagramming skills.
- Experience in the Finance & IT industry with a strong exposure to IT Operations, Application Security, SOC/SIEM, and/or network administration, IPS and Business Continuity
- Good understanding of financial trading and operating environment
- Must be able to handle customers in a confident, positive and responsive manner
- Network protocols and network connectivity concepts; Firewall and Internet technologies; Cloud Security, Banking Tools & Technologies;
- Secure access control mechanisms; Encryption and Key Management techniques
- To know how to define an action plan and to follow up on progress, be organized and meticulous
- Must be motivated, and able to work independently as well as part of a team
- Must demonstrate ethical responsibility, maturity, and discretion
- Microsoft Office tools such as MS Word, MS Excel, MS PowerPoint, SharePoint
: IN-MH-Mumbai
: Standard / Permanent
: INFORMATION TECHNOLOGY
Education Level: Bachelor Degree or equivalent (>= 3 years)
Experience Level: At least 10 years
: Full-time
