GROUP BNP PARIBAS
BNP Paribas Group is the top bank in the European Union and a major international banking establishment. It has close to 185,000 employees in 65 countries. In Spain we are more than 5,100 employees within 13 business lines.
Spain IT Production
Spain IT Production organization consists of CIB ITO & ITG IT Platforms and is responsible for providing IT Production services to our Clients in EMEA, ensuring a Digital Market evolution, in a secured and performant environment, and with a reliable quality. IT Production organisation includes Infrastructure services, Telecom & Workspace, Production Security and Application Production domains and associated transversal services (CTO Office, Control Tower, PMO and IT Continuity). In Spain, IT Production relies on a Platform with over 400 experts that provide full-stack support services ensuring a secure, stable, standardized, and efficient production.
ABOUT THE JOB
MISSION
The “Production Security” Domain is part of the Corporate & Institutional Banking Information Technology & Operations (CIB ITO) of BNP PARIBAS, it manages all the security solutions.
The SSO team provide identity and access management tooling as a middleware delivery team, supporting authentication and authorisation for both internal and external customers.
Using several standardised frameworks, the team maintains and governs access policies and works to deliver technologies to ensure that the right entities have the appropriate access to technology resources.
The SSO team is dealing with support and project delivery on the Identity and Access Management technologies: SiteMinder, LDAP, Axway API Gateway.
The jobholder will be part of multi-geographical (presence in 3 regions and 6 locations) and multi-disciplined team.
· Architecture
· Project Delivery
· Platform Support and Maintenance
· Incident and Problem Management
· Change Management
· General
The candidate will also be well versed with cryptographic notions such as RSA, symmetric and asymmetric encryption, certificates and digital signatures etc.
RESPONSIBILITIES
Full and detailed description of each responsibilities related above
Architecture
· To provide architectural expertise thereby driving change and improvement in technology and process.
· To contribute to the development of the SSO and LDAP technology roadmaps.
· To liaise with CIB architecture teams in undertaking architectural reviews.
· To stay abreast of emerging technologies and technology trends.
· To automatize the process to accelerate the delivery time
Project Delivery
· To take responsibility for the delivery of key projects around SSO and LDAP which are aligned to drive significant change within the platform.
· To work with the Application Production Support project managers in defining, designing, documenting and implanting new functionality for existing and new applications.
· To liaise with the Application Developers in low-level diagnosis of on-going issues.
· To provide subject matter expertise on SSO and IDM technologies to all business application teams.
· To act as technology evangelists for the improvement of process and technology in use for the Authentication services within BNP Paribas.
Platform Support and Maintenance
· Pro-actively monitor, manage and improve availability and performance of the production environments (from presentation and application layers to Infrastructure layers)
· Pro-actively manage the capacity of production applications
Incident and Problem Management
· To work with partner teams to conduct analysis of major and critical incidents.
· To identify tactical or strategic improvements that can be introduced to help reduce the number of on-going incidents within the SSO and LDAP area.
Change Management
· To work within the change management framework adopted by BNP Paribas to ensure that all changes to the production environment are planned and executed in a controlled manner.
· To take responsibility for the quality of changes within the SSO and IDM environments, ensuring that changes raised are of sufficient standard in terms of technical and planning detail.
· Attending and sharing knowledge / updates in the Weekly Change Control Board Meetings and the Weekly Problem Management Meetings.
General
· Perform pre-assigned tasks to accomplish the function responsible for. The nature of these tasks are Change The Bank or Run The Bank
· Work cooperatively with the other members of the team
· Ensure adherence to processes and procedures
· Request improvement of knowledge (training) when needed
· Apply own initiative, within the levels of acceptable risk
· Whenever in doubt, escalate and seek advice and guidance
· If the nature of the position is user-facing, then all the guidelines and principles of user service mentality and behaviour should be applied
· Escalate risks / issues to the manager of the team
· Minimise operational failure, including but not exclusively, the risk of fraud, by helping to devise, and by implementing, sufficient regular controls.
· Ensure appropriate escalation to management and/or Permanent Control (or Compliance as appropriate) as soon as an issue is identified.
· Provide a direct contribution to the BNPP operational permanent control framework.
As this is a production support role, focusing across a range of different and mostly innovative technologies, candidates must possess the aptitude and desire to learn. In addition, ability to be on call and provide support out of hours is essential.
REQUIREMENTS
- Studies
Bachelor in Computer Science or equivalent
ITIL Foundation certificate will be desirable
- Experience
At least 5 years
- Languages
High English spoken and written fluent (B2/C)
French spoken and written will be valued
SKILLS
- Technical
Essential:
Technical Skills essential for the role include, but not limited to:
· CA Siteminder Web SSO
· SOA security – SAML / WS-Security
· Autoprovisionning tools such as BMC ControlSA, Sailpoint, or Forgerock
· LDAP
· Kerberos / SSL/TLS / PKI / GSS-API / SPNEGO
· oAuth2, OpenIDConnect
· IIS/WCF/WIF, WAS security models
· Infrastructure standards for network load balancers, servers, networks and storage
· Automation mind-set with experience in using tools like Ansible
· Scripting skills using Python or shell
· Application Server: Good exposure in configuring and supporting web technologies such as Tomcat, Apache, nginx, IIS
Desirable:
Technical Skills desirable for the role include:
· Axway API Gateway
· SQL, Database schema
· Authentication services for APIs
· Exposure to Apigee API gateway
· Knowledge of Process & Quality management, ITIL v2/v3
· Microsoft Project, Advanced Excel, PowerPoint and Word
· Knowledge of Atlasian Jira Task teslaManagement toolset
· Previously used ServiceNow as a Service Desk Management product
- Transversal & Behavioral
· Proven logical and methodical problem analysis and troubleshooting skills
· Working with an industry recognized service desk and project management toolset
· Clear communicator in both written and oral forms
· Very strong analytical skills
· Strong attention to detail
· Structured and methodical mind-set
· Ability to operate with demanding Senior IT Management
· Can do attitude; look at changes as opportunities to improve
· Team oriented
· Good interpersonal and communication skills
BENEFITS
• Training programs, career plans and internal mobility opportunities, national and international thanks to our presence in different countries.
• Diversity and Inclusion Committee that ensures an inclusive work environment. In recent years, several employee communities have been created to organize diversity and inclusion awareness actions (PRIDE, We Generations and MixCity).
• Corporate volunteering program (1 Million Hours 2 Help) in which employees can dedicate time out of their working hours to volunteer activities.
• Flexible compensation plan.
• Hybrid telecommuting model (50%).
• 31 vacation days.
Diversity and inclusion commitment
BNP Paribas Group in Spain is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity/paternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency, which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.