Network Security Architect, hibrido
Empresa
BNP Paribas
Provincia
Madrid
Ciudad
Madrid
Tipo de Contrato
Tiempo Completo
Descripción
Network Security Architect
The BNP Paribas Groupis one of the largest international banking networks, with a presence in 72 countries. The organization is an international financial services group, with more than 200,000 employees with solid roots in Europe.
The BNP Paribas Groupis organized around two main activities: Retail Banking and Corporate Institutional Banking (CIB).
The ITproductionhas two mainentitiesITGProductionand ITO, with a main governanceleadby ITGP.
ITG Production Network Security provide securely some critical services and maintain them constantly in other to offer best possible user experience and accompany the business growth.
The services concerned are Remote Access, Connectivity to Cloud Services (SAAS, IAAS, PAAS), Firewalls and IPS segmentation filtering and Automation solutions.
The Network Security teams are responsible for designing, deploying, and supporting these services for all IT Group users ( 100 000). They are performing that according to the Group guidelines and standards (Security, compliance, features, infrastructures, ...)
ABOUT THE JOB
MISSION
The successful candidate will include Network and Security teams and will collaborate with them and other teams in IT Group by designing, building and providing level 3 support on security services and components such as firewalls/IPS and VPN concentrators while respecting processes and focusing on customer needs or issues.
RESPONSIBILITIES
Architecture and Infrastructure management
- Study projects need and propose security solution to answer business need
- Build new infrastructure which comply our standard
- Study product evolution and optimisation to improve our service quality
- Manage product roadmap to prevent any risk on the production
Incident handling in Service support
- Prioritize, schedule, troubleshoot and resolve incoming support requests
- Perform, when required, appropriate ticket escalation
- Follow and monitor the progress of incidents until they are resolved and closed
- Keep regular and clear communication about incident status
- Create, and maintain a knowledge base with appropriate solutions
- Implement documented instructions and recommendation
- Identify opportunities for improvement and make constructive suggestions to be more proactive
Customer Request handling
- Be sensitive to customer needs and provide him with advice
- Understand request processes, workflows, and service catalogues
- Qualify and handle customer requests according to the Service Level Agreements
- Provide technical support and improve the user experience
Asset Management and monitoring
- Participate to asset upgrade and migration campaigns
- Participate to asset security patching campaigns and compliance remediation actions plans
- Participate to business continuity exercises to ensure resilience of services and infrastructures
- Perform daily health checks of services and infrastructure based on performance indicators
- Perform monthly IT operational permanent control to ensure stability and enhance reliability
REQUIREMENTS
Required:
- Study and Design security components to comply with security standard
- Understand service and component resiliency
- Firewalls vendor : Fortinet, Palo Alto Network and Check Point including the management console (FortiManager, Panorama, Multi-Domain Security Management)
- Remote access on VPN SSL concentrators: Cisco ASA (Adaptive Security Appliance) and Cisco Secure Client
- Intrusion Prevention/Detection System and Network Detection and Response
- Change, incident, problem management according to ITIL standards
- ServiceNow ticketing et request solution
- Ability to draw infrastructure scheme
- Write architecture and production documents (HLD, LLD)
- Tests equipment to validate new feature or product evolution.
- Monitoringand alerting: Zabbix, Grafana, Dynatrace syslog,
- Reporting, logging and SIEM
- Troubleshooting (PCAP analysis...)
Nice to have:
- Understand Browsing and Hosting infrastructures components, behaviours protocols.
- SDWAN architecture SASE network evolution
- Public and Private Cloud infrastructure
- Ansible development skills
- Create insightful dashboard on Elastic Search
Languages
- - Fluency in English
- French is a plus
SKILLS
- Minimum 7-year experience in large network security environments.
- Be sensitive to customer needs and with a strong sense of accountability.
- Maintain cooperative and effective working relationships with other teams (Level 1 and 3 support engineers)
- Meet and communicate regularly to discuss successes and struggles to enhance service quality
- Ability to work autonomously and share with his team
- Ability to think logically and analytically in a problem-solving situation
- Level 3 support tasks during business non-business hours (follow-the-sun)
OTHERS
- Available for On Site Services: 08:00 to 19:00 regular schedule.
- Available for On Call Services: Off regular schedule services in 24/7 weekly shifts.
Transversal Behavioral
- Accountability
- Resilience
- Good interpersonal skills
BENEFITS
Training programs, career plans and internal mobility opportunities, national and international thanks to our presence in different countries.
Diversity and Inclusion Committee that ensures an inclusive work environment. In recent years, several employee communities have been created to organize diversity and inclusion awareness actions (PRIDE, We Generations and MixCity).
Corporate volunteering program (1 Million Hours 2 Help) in which employees can dedicate time out of their working hours to volunteer activities.
Flexible compensation plan.
Hybrid telecommuting model (50 ).
32 vacation days.
Fortinet, Palo Alto, cisco,
The BNP Paribas Groupis one of the largest international banking networks, with a presence in 72 countries. The organization is an international financial services group, with more than 200,000 employees with solid roots in Europe.
The BNP Paribas Groupis organized around two main activities: Retail Banking and Corporate Institutional Banking (CIB).
The ITproductionhas two mainentitiesITGProductionand ITO, with a main governanceleadby ITGP.
ITG Production Network Security provide securely some critical services and maintain them constantly in other to offer best possible user experience and accompany the business growth.
The services concerned are Remote Access, Connectivity to Cloud Services (SAAS, IAAS, PAAS), Firewalls and IPS segmentation filtering and Automation solutions.
The Network Security teams are responsible for designing, deploying, and supporting these services for all IT Group users ( 100 000). They are performing that according to the Group guidelines and standards (Security, compliance, features, infrastructures, ...)
ABOUT THE JOB
MISSION
The successful candidate will include Network and Security teams and will collaborate with them and other teams in IT Group by designing, building and providing level 3 support on security services and components such as firewalls/IPS and VPN concentrators while respecting processes and focusing on customer needs or issues.
RESPONSIBILITIES
Architecture and Infrastructure management
- Study projects need and propose security solution to answer business need
- Build new infrastructure which comply our standard
- Study product evolution and optimisation to improve our service quality
- Manage product roadmap to prevent any risk on the production
Incident handling in Service support
- Prioritize, schedule, troubleshoot and resolve incoming support requests
- Perform, when required, appropriate ticket escalation
- Follow and monitor the progress of incidents until they are resolved and closed
- Keep regular and clear communication about incident status
- Create, and maintain a knowledge base with appropriate solutions
- Implement documented instructions and recommendation
- Identify opportunities for improvement and make constructive suggestions to be more proactive
Customer Request handling
- Be sensitive to customer needs and provide him with advice
- Understand request processes, workflows, and service catalogues
- Qualify and handle customer requests according to the Service Level Agreements
- Provide technical support and improve the user experience
Asset Management and monitoring
- Participate to asset upgrade and migration campaigns
- Participate to asset security patching campaigns and compliance remediation actions plans
- Participate to business continuity exercises to ensure resilience of services and infrastructures
- Perform daily health checks of services and infrastructure based on performance indicators
- Perform monthly IT operational permanent control to ensure stability and enhance reliability
REQUIREMENTS
Required:
- Study and Design security components to comply with security standard
- Understand service and component resiliency
- Firewalls vendor : Fortinet, Palo Alto Network and Check Point including the management console (FortiManager, Panorama, Multi-Domain Security Management)
- Remote access on VPN SSL concentrators: Cisco ASA (Adaptive Security Appliance) and Cisco Secure Client
- Intrusion Prevention/Detection System and Network Detection and Response
- Change, incident, problem management according to ITIL standards
- ServiceNow ticketing et request solution
- Ability to draw infrastructure scheme
- Write architecture and production documents (HLD, LLD)
- Tests equipment to validate new feature or product evolution.
- Monitoringand alerting: Zabbix, Grafana, Dynatrace syslog,
- Reporting, logging and SIEM
- Troubleshooting (PCAP analysis...)
Nice to have:
- Understand Browsing and Hosting infrastructures components, behaviours protocols.
- SDWAN architecture SASE network evolution
- Public and Private Cloud infrastructure
- Ansible development skills
- Create insightful dashboard on Elastic Search
Languages
- - Fluency in English
- French is a plus
SKILLS
- Minimum 7-year experience in large network security environments.
- Be sensitive to customer needs and with a strong sense of accountability.
- Maintain cooperative and effective working relationships with other teams (Level 1 and 3 support engineers)
- Meet and communicate regularly to discuss successes and struggles to enhance service quality
- Ability to work autonomously and share with his team
- Ability to think logically and analytically in a problem-solving situation
- Level 3 support tasks during business non-business hours (follow-the-sun)
OTHERS
- Available for On Site Services: 08:00 to 19:00 regular schedule.
- Available for On Call Services: Off regular schedule services in 24/7 weekly shifts.
Transversal Behavioral
- Accountability
- Resilience
- Good interpersonal skills
BENEFITS
Training programs, career plans and internal mobility opportunities, national and international thanks to our presence in different countries.
Diversity and Inclusion Committee that ensures an inclusive work environment. In recent years, several employee communities have been created to organize diversity and inclusion awareness actions (PRIDE, We Generations and MixCity).
Corporate volunteering program (1 Million Hours 2 Help) in which employees can dedicate time out of their working hours to volunteer activities.
Flexible compensation plan.
Hybrid telecommuting model (50 ).
32 vacation days.
Fortinet, Palo Alto, cisco,