About BNP Paribas Group
BNP Paribas Group is a leading European bank with a strong global footprint across 72 markets and more than 202,000 employees. The Group provides corporates, institutional and private investors with product and service solutions tailored to their specific needs. It offers a wide range of financial services covering corporate & institutional banking, wealth management, asset management, insurance, as well as retail banking and consumer financing through strategic partnerships.
About BNP Paribas India Solutions
Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas Group, a leading bank in Europe with an international reach. With delivery centers located in Mumbai and Chennai, we are a 24x7 global delivery center. We partner various business lines of BNP Paribas such as Corporate and Institutional Banking, Wealth Management, Retail Banking through three verticals - Information Technology, Operations and Finance Shared Services.
About Business Line/Function
CDF CISO BUREAU is a unit which making sure that CISO key objectives are in line with Group strategy.
Job Title
Cyber Security Engineer
Date
Department:
CDF/CISO bureau
Location:
Mumbai
Business Line / Function
ITG
Reports To
(Direct)
Grade
(if applicable)
(Functional)
Number Of Direct Reports
Directorship / Registration:
NA
Position Purpose
The main responsibility of Cybersecurity personnel is to develop and implement integrated solutions in the IT risk management policy approach.
Responsibilities
- Receive, triage, and approve remote access tickets (VPN, ZTNA, SSC).
- Maintain the Access Exception Register for out of policy connections and enforce remediation timelines.
- Validate environment specific access (Dev/Test/Prod) with application owners.
- Continuously monitor remote session logs, flag anomalies, and trigger incident response.
- Produce weekly/monthly KPI dashboards (request to grant time, exception ageing, usage trends).
- Create & maintain Resource Groups the technical catalogue of infrastructure assets that can be granted privileged rights.
- Define Rolesthat map one or more Resource Groups to a logical business function (e.g., Finance
Payments Prod).
- Onboard/ off board Users assign Roles to identities based on role based access control policies, ensuring least privilege.
- Process entitlement change requests through the IGA platform (SailPoint, Saviynt, etc.) and hand off approved changes to the CyberArk team for credential provisioning.
- Lead quarterly Role Attestation/Recertification cycles with line of business managers.
- Keep a complete audit trail of role to resource & role to user mappings, approvals, and revocations.
Technical & Behavioral Competencies
Functional Skills
- Serve as the liaison between IAM, ServiceNow/ITSM, Application owners, and the CyberArk PAM team.
- Participate in security incident response for remoteaccess or privilegedaccess breaches.
- Contribute to policy updates (RemoteAccess Policy, PAM Standards, RBAC Design Guidelines).
- Demonstrates a calm professional approach, with a good understanding of delivery within time constraints and the need to escalate/inform departmental management as appropriate;
- IT knowledge
Technical
- Remote access concepts (VPN, ZTNA, MFA, conditional access).
- IAM/IGA fundamentals RBAC, ABAC, entitlement lifecycle, least privilege.
- Experience with at least one IGA platform (SailPoint, Saviynt, One Identity, IBM Security Verify Governance, etc.).
- Basic scripting/automation (PowerShell, Python, Bash) for repetitive tasks.
Behavioral
- Strong Communication, Analytical and problem-solving skills.
- Proven organizational skills with excellent multi-tasking, result oriented and prioritization skills
- Good documentation and reporting skills
- Ability to work independently
- Strong communication and interpersonal skills, able to communicate and relate easily with IT, Finance and back office users
- Good communication, technical writing/diagramming skills
- Attention to details and accuracy
- Capacit for crativit and innovation
- Self-discipline
Specific Qualifications (if Required)
- Bachelor's in Computer Science, Information Security, Business Information Systems, or related field.
- Certifications such as CISSP, CISM, CompTIA Security+, Certified Identity & Access Manager (CIAM) are a plus.
Skills Referential
Behavioural Skills: (Please select up to 4 skills)
Communication skills - oral & written
Attention to detail / rigor
Ability to deliver / Results driven
Creativity & Innovation / Problem solving
Transversal Skills: (Please select up to 5 skills)
Analytical Ability
Ability to manage a project
Ability to understand, explain and support change
Ability to develop and adapt a process
Ability to anticipate business / strategic evolution
Education Level
Bachelor Degree or equivalent
Experience Level
At least 5 years
Other/Specific Qualifications (if required) CISSP, CISM, CompTIA Security+, Certified Identity & Access Manager (CIAM) are a plus.
