*Position is Bonus eligible* Prestigious Financial Company is currently seeking a Senior PAM PKI Security Engineer. Candidate will be responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Responsibilities: Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
25/07/2024
Full time
*Position is Bonus eligible* Prestigious Financial Company is currently seeking a Senior PAM PKI Security Engineer. Candidate will be responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Responsibilities: Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
Request Technology - Craig Johnson
Chicago, Illinois
*Position is Bonus eligible* Prestigious Financial Company is currently seeking a Senior PAM PKI Security Engineer. Candidate will be responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Responsibilities: Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
25/07/2024
Full time
*Position is Bonus eligible* Prestigious Financial Company is currently seeking a Senior PAM PKI Security Engineer. Candidate will be responsible for applying skills and knowledge to perform functions for Privileged Access and Secrets Management solutions, Hardware security modules (HSMs), and encryption practices. You must ensure to take a security first approach when deploying or integrating Secrets Management, PKI, Sessions Management, or authentication integrations under the team's purview using agile methodology. Responsibilities: Design, document, deploy, and support PAM solutions supporting vaulting, session management, hardcoded credential removal, and support integrations with PAM solution for secure secrets management supporting app-to-app communication. Design, document, develop, and support PAM integrations to support automated password rotations and establishing secure sessions through jump host solution. Design, document, implement, and maintain our Certificate Authority PKI infrastructure. Ensure certificates are correctly issued, renewed, and revoked as necessary. Implement and manage certificate templates and revocation configurations. Implement, configure, and maintain HSMs to support PKI operations. Work with vendors to ensure systems are patched and up to date. Address and troubleshoot issues related to PAM, PKI, and HSM solutions. Implement and manage encryption tools and software. Ensure team solutions are monitored following best practice. Proficient in using Scripting and automation skills to convert manual maintenance and audit functions into orchestrated automation. Track and execute work following agile best practices with self-motivation to bring a task from ideation to implementation. Ability to operate in a highly regulated complex operational environment and collaborate with internal SMEs required to maintain and mature the PAM program. Document, review, and update run books supporting Secrets and Privileged Access Management solutions. Develop and maintain encryption standards, practices, and solutions. Develop and maintain documentation related to PAM policies, procedures, and configurations. Qualifications: The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the primary functions. Experience with enterprise PAM tools and technologies such as various CyberArk and HashiVault components and underlying infrastructure supporting those technologies. Experience with various integration techniques for Secrets Management and Privileged Management to target systems such as databases, directories, and applications. Experience with Microsoft certificate authority PKI infrastructure. Experience with hardware security modules (HSMs). Experience with Python, Ansible, Terraform, and YAML packages. Requires in-depth knowledge of PAM and Secrets Management best practices. Requires in-depth knowledge of encryption algorithms, protocols, and best practices. Working knowledge of system monitoring techniques and tooling. Working knowledge of the cloud ecosystem and CI/CD deployments with Terraform, Ansible, and Jenkins pipelines. 5+ years of experience with PAM tools and technologies. 3+ years of experience in PKI infrastructure including Microsoft Certificate Authority. Bachelor's degree in computer science, Information Technology, or related field. Technical Skills: Hands on deployment, management, and troubleshooting experience with HSMs, MS PKI, HashiCorp Vault, and all CyberArk components (AIM, PSM/P, PVWA, CPM, VAULT). Hands on experience leveraging APIs. Knowledge of cryptographic operations, secure key storage, and key life cycle management with HSM and encryption tools. Knowledge of end-to-end encryption, data at rest, and data in transit protection methodologies. Ability to interpret logs and events related to PKI, HSMs, encryption, and PAM activities. 5+ years of experience with security engineering activities and testing. 5+ years of experience with privileged access management platforms. 3+ years of experience with HSM, PKI, Microsoft Certificate Authority. 2+ years of experience with DevOps/DevSecOps (eg, GitOps, Version Control, RESTful APIs) 2+ years of experience with cloud architecture and deployments. Certificates or Licenses: CyberArk Defender, Sentry, or Guardian HashiCorp Certified: Terraform Associate HashiCorp Certified: Vault Associate Certification Information Systems Security Professional (CISSP) AWS Certified Security Specialty CompTIA Security+ Microsoft Certified: Security Engineer Associate
x86 Hardware Product SME Whitehall Resources require an x86 Hardware Product SME to work with a key client on an initial 3-month contract. * This role will require 2 days on site per week in Sheffield. * Inside IR35. x86 Hardware Product SME Role Description: Work alongside the CTO Distributed Compute Product Management teams in providing expert guidance and knowledge when defining technical direction of x86 server hardware. They will support vendor engagement including service escalation, ongoing relationship management. They will support the business by understanding available x86 hardware bundles, firmware/microcode release cycle, acting as key technical bridge between business, architecture, and engineering teams as well as vendors. They will provide engagement on architectural, operational, security and other technical issues. To be successful in this role, you should meet the following requirements: . Proficient in x86 Server Hardware and components: Dell, Lenovo and HPE with experience of large, complex enterprise estates . A deep technical understanding of common remote server management software: iDRAC, XCC and iLO . Experience in certifying the overlaying Windows, RedHat and ESXi operating system products on x86 server hardware . In depth experience of dealing with Security and Compliance within a large financial institution. . Appreciation of integration of services in a data driven organisation using APIs. . Innovative approach to deployment methodologies . Experience of working with agile practices and toolsets including JIRA and Confluence . Excellent written and verbal communication skills, with the ability to influence stakeholders at all levels . Ability to work with globally distributed teams including 3rd party vendors . A proven track record in applying these skills across Enterprise scale estates . Active listening, negotiation, problem-solving . Passionate about technology and solving IT operations-focused problems . Proven experience in Compute, Hypervisors, Storage, Networks . Keep up to date and have expertise on current tools, technologies and areas like cyber security and regulations pertaining to aspects like data privacy, consent, data residency etc. that are applicable All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
25/07/2024
Project-based
x86 Hardware Product SME Whitehall Resources require an x86 Hardware Product SME to work with a key client on an initial 3-month contract. * This role will require 2 days on site per week in Sheffield. * Inside IR35. x86 Hardware Product SME Role Description: Work alongside the CTO Distributed Compute Product Management teams in providing expert guidance and knowledge when defining technical direction of x86 server hardware. They will support vendor engagement including service escalation, ongoing relationship management. They will support the business by understanding available x86 hardware bundles, firmware/microcode release cycle, acting as key technical bridge between business, architecture, and engineering teams as well as vendors. They will provide engagement on architectural, operational, security and other technical issues. To be successful in this role, you should meet the following requirements: . Proficient in x86 Server Hardware and components: Dell, Lenovo and HPE with experience of large, complex enterprise estates . A deep technical understanding of common remote server management software: iDRAC, XCC and iLO . Experience in certifying the overlaying Windows, RedHat and ESXi operating system products on x86 server hardware . In depth experience of dealing with Security and Compliance within a large financial institution. . Appreciation of integration of services in a data driven organisation using APIs. . Innovative approach to deployment methodologies . Experience of working with agile practices and toolsets including JIRA and Confluence . Excellent written and verbal communication skills, with the ability to influence stakeholders at all levels . Ability to work with globally distributed teams including 3rd party vendors . A proven track record in applying these skills across Enterprise scale estates . Active listening, negotiation, problem-solving . Passionate about technology and solving IT operations-focused problems . Proven experience in Compute, Hypervisors, Storage, Networks . Keep up to date and have expertise on current tools, technologies and areas like cyber security and regulations pertaining to aspects like data privacy, consent, data residency etc. that are applicable All of our opportunities require that applicants are eligible to work in the specified country/location, unless otherwise stated in the job description. Whitehall Resources are an equal opportunities employer who value a diverse and inclusive working environment. All qualified applicants will receive consideration for employment without regard to race, religion, gender identity or expression, sexual orientation, national origin, pregnancy, disability, age, veteran status, or other characteristics.
Role Title: x86 Hardware Product SME Location: Hybrid (Sheffield) Duration: Until 29/11/24 £500-540 per day - umbrella only Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role Description: Work alongside the CTO Distributed Compute Product Management teams in providing expert guidance and knowledge when defining technical direction of x86 server hardware. They will support vendor engagement including service escalation, ongoing relationship management. They will support the business by understanding available x86 hardware bundles, firmware/microcode release cycle, acting as key technical bridge between business, architecture, and engineering teams as well as vendors. They will provide engagement on architectural, operational, security and other technical issues. To be successful in this role, you should meet the following requirements: Proficient in x86 Server Hardware and components: Dell, Lenovo and HPE with experience of large, complex enterprise estates A deep technical understanding of common remote server management software: iDRAC, XCC and iLO Experience in certifying the overlaying Windows, RedHat and ESXi operating system products on x86 server hardware In depth experience of dealing with Security and Compliance within a large financial institution. Appreciation of integration of services in a data driven organisation using APIs. Innovative approach to deployment methodologies Experience of working with agile practices and toolsets including JIRA and Confluence Excellent written and verbal communication skills, with the ability to influence stakeholders at all levels Ability to work with globally distributed teams including 3rd party vendors A proven track record in applying these skills across Enterprise scale estates Active listening, negotiation, problem-solving Passionate about technology and solving IT operations-focused problems Proven experience in Compute, Hypervisors, Storage, Networks Keep up to date and have expertise on current tools, technologies and areas like cyber security and regulations pertaining to aspects like data privacy, consent, data residency etc. that are applicable All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
25/07/2024
Project-based
Role Title: x86 Hardware Product SME Location: Hybrid (Sheffield) Duration: Until 29/11/24 £500-540 per day - umbrella only Would you like to join a global leader in consulting, technology services and digital transformation? Our client is at the forefront of innovation to address the entire breadth of opportunities in the evolving world of cloud, digital and platforms. Role Description: Work alongside the CTO Distributed Compute Product Management teams in providing expert guidance and knowledge when defining technical direction of x86 server hardware. They will support vendor engagement including service escalation, ongoing relationship management. They will support the business by understanding available x86 hardware bundles, firmware/microcode release cycle, acting as key technical bridge between business, architecture, and engineering teams as well as vendors. They will provide engagement on architectural, operational, security and other technical issues. To be successful in this role, you should meet the following requirements: Proficient in x86 Server Hardware and components: Dell, Lenovo and HPE with experience of large, complex enterprise estates A deep technical understanding of common remote server management software: iDRAC, XCC and iLO Experience in certifying the overlaying Windows, RedHat and ESXi operating system products on x86 server hardware In depth experience of dealing with Security and Compliance within a large financial institution. Appreciation of integration of services in a data driven organisation using APIs. Innovative approach to deployment methodologies Experience of working with agile practices and toolsets including JIRA and Confluence Excellent written and verbal communication skills, with the ability to influence stakeholders at all levels Ability to work with globally distributed teams including 3rd party vendors A proven track record in applying these skills across Enterprise scale estates Active listening, negotiation, problem-solving Passionate about technology and solving IT operations-focused problems Proven experience in Compute, Hypervisors, Storage, Networks Keep up to date and have expertise on current tools, technologies and areas like cyber security and regulations pertaining to aspects like data privacy, consent, data residency etc. that are applicable All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
Mission Context: Do you want to shape the future of banking today? At BNP Paribas Fortis, the leading bank in the country, our team transforms challenges into opportunities, providing clients with innovative solutions tailored to their needs. Our Centre of Expertise (COE) Security department supports IT and Business in making informed information security risk decisions and implementing a robust information security management system. The purpose of the Cyber Defense team is to prepare for and respond to unauthorized cyber activities by providing the following services: - Proactive Services: Support and intelligence to prepare and secure bank systems against cyber-attacks, ensuring the collection, assessment, and sharing of threat information. - Reactive Services: Activated by a request, incident, or event identified by an intrusion detection system or reported by humans. To support these services, BNP Paribas Fortis is seeking a Security Logging & Monitoring Specialist. Role Overview: Your Future Role: The Security Logging & Monitoring Specialist represents various stakeholders and the internal client's voice, identifying their expectations, preferences, and aversions, and translating these into business requirements. The Specialist ensures the engineering team thoroughly understands the products and monitors progress. The role includes defining stories, prioritizing the backlog, and organizing the execution of operational priorities while maintaining the conceptual and technical integrity of features/user stories. The Specialist also plays a significant role in quality assurance and is empowered to judge the finalization of stories. Key Responsibilities: - Translate the Cyber Defense vision and strategy into a target operating model and processes for Security Logging & Monitoring capabilities. - Effectively communicate the target operating model and processes to key stakeholders and Cyber Defense team members. - Incorporate stakeholder input into the product roadmap and negotiate priorities based on value to BNP Paribas Fortis. - Collaborate daily with stakeholders and IT teams to clarify requirements, remove roadblocks, and ensure alignment around Security Logging & Monitoring capabilities. - Ensure delivery of the Security Logging & Monitoring yearly roadmap by partnering with delivery teams, removing barriers, and resolving issues quickly and efficiently. - Set quality standards for delivery, develop test plans, monitor user story acceptance criteria, review deliverables, provide feedback, and improve team processes. - Lead problem resolution to ensure prompt and efficient service. - Manage Security Logging & Monitoring key performance indicators (KPIs). Applicative Security Logging & Monitoring: - Understand banking applications (API, Payments) and their business context. - Translate a complex applicative ecosystem, distributed across many layers and devices, into effective detection conditions (events, log sources, detection logic). - Improve and maintain the applicative use case creation and maintenance methodology, considering the relationships among all actors involved locally and in the BNPP Group. Language Requirements: - Dutch: Good spoken (preferable) - French: Good spoken (mandatory) - English: Fluent spoken & written (mandatory) Education: Bachelor's or Master's degree or equivalent by experience. Technical Experience (Mandatory): - At least 5 years of experience in information security, preferably 7 years. - Strong knowledge of IT security technology and processes (secure networking, web infrastructure, system security, SOC tooling, etc.). - Experience building SOC-related frameworks: target operating models, roles, processes. - Experience with processes in a SOC or CSIRT environment. - Experience setting best practices and quality controls over SOC processes. - Knowledge of the applicative security ecosystem. Preferable: - Knowledge of the architecture of banking applications. - Knowledge of log aggregation, SIEM solutions, and Digital Analytics Platforms such as Splunk, ArcSight, ELK, etc. - Knowledge of Web Application Security Development (OWASP).
23/07/2024
Project-based
Mission Context: Do you want to shape the future of banking today? At BNP Paribas Fortis, the leading bank in the country, our team transforms challenges into opportunities, providing clients with innovative solutions tailored to their needs. Our Centre of Expertise (COE) Security department supports IT and Business in making informed information security risk decisions and implementing a robust information security management system. The purpose of the Cyber Defense team is to prepare for and respond to unauthorized cyber activities by providing the following services: - Proactive Services: Support and intelligence to prepare and secure bank systems against cyber-attacks, ensuring the collection, assessment, and sharing of threat information. - Reactive Services: Activated by a request, incident, or event identified by an intrusion detection system or reported by humans. To support these services, BNP Paribas Fortis is seeking a Security Logging & Monitoring Specialist. Role Overview: Your Future Role: The Security Logging & Monitoring Specialist represents various stakeholders and the internal client's voice, identifying their expectations, preferences, and aversions, and translating these into business requirements. The Specialist ensures the engineering team thoroughly understands the products and monitors progress. The role includes defining stories, prioritizing the backlog, and organizing the execution of operational priorities while maintaining the conceptual and technical integrity of features/user stories. The Specialist also plays a significant role in quality assurance and is empowered to judge the finalization of stories. Key Responsibilities: - Translate the Cyber Defense vision and strategy into a target operating model and processes for Security Logging & Monitoring capabilities. - Effectively communicate the target operating model and processes to key stakeholders and Cyber Defense team members. - Incorporate stakeholder input into the product roadmap and negotiate priorities based on value to BNP Paribas Fortis. - Collaborate daily with stakeholders and IT teams to clarify requirements, remove roadblocks, and ensure alignment around Security Logging & Monitoring capabilities. - Ensure delivery of the Security Logging & Monitoring yearly roadmap by partnering with delivery teams, removing barriers, and resolving issues quickly and efficiently. - Set quality standards for delivery, develop test plans, monitor user story acceptance criteria, review deliverables, provide feedback, and improve team processes. - Lead problem resolution to ensure prompt and efficient service. - Manage Security Logging & Monitoring key performance indicators (KPIs). Applicative Security Logging & Monitoring: - Understand banking applications (API, Payments) and their business context. - Translate a complex applicative ecosystem, distributed across many layers and devices, into effective detection conditions (events, log sources, detection logic). - Improve and maintain the applicative use case creation and maintenance methodology, considering the relationships among all actors involved locally and in the BNPP Group. Language Requirements: - Dutch: Good spoken (preferable) - French: Good spoken (mandatory) - English: Fluent spoken & written (mandatory) Education: Bachelor's or Master's degree or equivalent by experience. Technical Experience (Mandatory): - At least 5 years of experience in information security, preferably 7 years. - Strong knowledge of IT security technology and processes (secure networking, web infrastructure, system security, SOC tooling, etc.). - Experience building SOC-related frameworks: target operating models, roles, processes. - Experience with processes in a SOC or CSIRT environment. - Experience setting best practices and quality controls over SOC processes. - Knowledge of the applicative security ecosystem. Preferable: - Knowledge of the architecture of banking applications. - Knowledge of log aggregation, SIEM solutions, and Digital Analytics Platforms such as Splunk, ArcSight, ELK, etc. - Knowledge of Web Application Security Development (OWASP).