Web Security Infrastructure Engineer

May 11, 2023
Employment contract
Standard / Permanent
Job / Mission
Apply for this job

BNP Paribas is looking for a Web Security Infrastructure Engineer to reinforce the Web Security and Authentication squad. The squad is part of the IT Middleware Services Tribe and will work together with the existing Web Infrastructure Tooling & Hosting, Web Design and Secure Gateways squads for the technical design, installation, set-up, industrialization, management, support, and documentation of the BNP Paribas Fortis Web Security Infrastructure.


The Web Security Infrastructure Engineer is responsible for:

  • Design, deliver and support the integration layer between operating systems and business applications within distributed environments for Web and mobile applications.
  • Focuses on the integration of web applications in the Web Infrastructure, for the intranet as well as for the internet (DMZ) and cloud applications.
  • Deploy and maintain a consistent and complex Web site infrastructure
  • Help to identify, recommend, and prioritize new platform features in conjunction with application developers and architects.
  • Ability to challenge new and existing solutions, architectures and defend it towards the interest of the bank (maintenance, costs, security)
  • Identify reusable components required for Web Security and ensure the high quality of the service
  • Share knowledge with colleagues on technology subjects, solutions, best practices on vendor specific and on generic security components
  • Establish and document installations, guidelines, policies, and procedures for relevant stakeholders, including the squad.
  • Active participation in production support (incident, problem and change management) for the Web Security squad. Support other squad in non-prod, providing guidelines, troubleshooting
  • Set and enforce compatibility and interoperability standards that ensure site accessibility for all users.
  • Monitor and report on Web site traffic and performance
  • Contribute to the evolution of our automation framework.

What qualities do we look for?

As a Web Security Infrastructure Engineer, we expect good knowledge in the following areas:

  • At least 2 years of experience with ISAM/ISVA or similar (as from version 9 and modules: AAC, Infomap, Federation)
  • At least 3 years of experience in Web Security
  • A professional experience of at least 5 years, some in development
  • Proven experience with reverse proxies, Webseal, ISAM or similar
  • Good and proven knowledge on: Web access management, Web authentication practices, SSL/TLS (and mutual auth.), SSO, Identity Federation, PKI, certificates, OpenID Connect, OAuth 2.0, SAML 2.0
  • Good knowledge on: XML/XSLT
  • Good practical knowledge of automation frameworks like Ansible (tower) and GIT integration
  • Practical experience with DevOps methodologies and container technologies such as Docker
  • Generic knowledge on firewalls, web application firewalls, load balancers, networks, DMZ, network security
  • Experience with support on intranet and extranet development
  • Very good communication skills in English (oral and written); knowledge of French or Dutch is a plus
  • Agile Methodology (Spotify flavor) previous experience is a plus
  • Preferable to be able to understand bank related business processes and assess impacts on business
  • ITIL Foundation knowledge will be desirable
  • On site presence (hybrid mode) and on call support is expected.

Nice to have:

  • Security Token Service (STS) and/or TFIM experience + SOAP and WS-Trust knowledge. Token exchange knowledge
  • Recent successful proven experience in similar/comparable scope
  • Good coding experience: Python; JavaScript server side (Rhino JS) are example of used languages & Ability to understand and translate existing code source
  • Strong experience in security of Web Infrastructure in larger organizations
  • Good experience in Shell scripting (automation of curl commands)
  • Knowledge in web and application servers including Apache and WebSphere

General Skills we expect:

  • High awareness to risks related to the financial sector
  • Follows the Customer processes for projects, incident and change management
  • Being standalone and team worker, analytical minded, meet commitment, ability to work in a dynamic and multi-cultural environment, flexible, customer-oriented, understand risk awareness
  • Team player – we work together and not as individuals
  • Quick self-starter, pro-active attitude
  • Good communication and influencing skills
  • Good analytical and synthesis skills
  • Autonomy, commitment, and perseverance
  • Ability to work in a dynamic and multicultural environment
  • Flexibility (in peak periods extra efforts may be required)
  • Stress resistant
  • Open minded and show flexibility in self-learning new technologies / tools

Why choose BNP Paribas?

  • Progressive career development opportunities of a large multi-national bank
  • Talent Development opportunities within BNP Paribas Group
  • Employee culture that is focused on creating a great place to work
  • Multinational business environment
  • On-the-job training and networking opportunities.