Operation Security Engineer

APAC Production Security teams (based in Singapore and India) is covering multiple IT Security challenging tasks for BNP Paribas Asia Pacific region, such as:

- Production CSIRT / Logging & Detection

- Network Security

- Vulnerability & Compliance Security scanning

- Privileged Identity Management

- Designing & Implementation of Security solutions

- Production Support of Security solutions

The team in India is currently looking for an IT Security Professional, in order to reinforce its CSIRT Governance/Execution and Threat Hunting capability. The new joiner will improve the bank capabilities :

- To strengthen the governance and improve the CSIRT efficiency

- To participate as a Blue Teamer to security incident response and handle purple team exercises

- To detect APT (tool deployment, model update)

- To reinforce the skills of the team on L2/L3 topics

In particular, the new joiner will work closely with APAC CSIRT and Threat Intelligence teams.

Finally, the new joiner will fully be part of the Production CSIRT / Logging & Detection team and will have the opportunity to expand the scope of activities within the team.

Responsibilities

• Analyze the security alerts triggered on SIEM platform
• Finetune security alerts and provide suggestions
• Participate in the Incident Response and the development of new use cases in partnership with Logging and Detection Team
• Respond to Security Incident and provide accurate and efficient response
• Actively work on Threat Hunting methodologies, tools deployment and activities within and across BNP Paribas APAC, in close collaboration with Production and APAC CSIRT/CTI teams
• Be a full time member of the Production CSIRT / Logging & Detection team and participate to the various activities of the team

• Contribute to the Permanent Control framework for implementation of policies and procedures in day-to-day business activities, such as Control Plan.
• Comply with regulatory requirements and internal guidelines.
• Contribute to the reporting of all incidents according to the Incident Management System
• Enhancement and definition of the Incident Response framework within the Bank
• Responsible for 24/7 SOC operations

• At least 2-5 years of experience as SOC Analyst
• Strong understanding of cyber threat analysis models such as kill chain, diamond model, etc and how they apply to both targeted and non-targeted threats
• Experience on Operating Systems (Windows, UNIX)
• Strong understanding of common security products and technologies utilized in Enterprise environments (proxies, WAF, Firewalls, IDS/IPS, Anti-Malware, Endpoint, etc.)
• Understanding of the OSI stack and the various protocols from layer 1 to 7 including SNMP, HTTP, VPN, DNS, etc.
• Independent, self-motivated and innovative with good problem solving, interpersonal and communication skills, and can foster teamwork
• Experience in common scripting languages such as Python, PowerShell or BASH

• University degree or equivalent in IT discipline (pref in IT Security)
• Professional credentials in one of the relevant IT Security disciplines
• Any SOC/SIEM related Certification is a plus

Skills Referential

BehaviouralSkills:

• Ability to collaborate / Teamwork
• Attention to detail / rigor
• Ability to deliver / Results driven
• Communication skills - oral & written

Transversal Skills:

• Ability to understand, explain and support change
• Analytical Ability
• Ability to inspire others & generate people''s commitment
• Ability to develop and leverage networks
• Ability to manage / facilitate a meeting, seminar, committee, training

Education Level:

Bachelor Degree or equivalent

Experience Level

At least 3 years