The position at a glanceWithin BNP Paribas CIB, you will join the Production Network Security team, dedicated to protecting Production infrastructures against network cyber threats. Your role will primarily focus on:
Operational management of IPS (Intrusion Prevention System) and WAF (Web Application Firewall) solutions to detect, block, and analyze attacks (e.g., exploits, DDoS, SQL injections, etc.).
Continuous optimization of security rules to reduce false positives/negatives while maintaining a high level of protection.
Collaboration with SOC, Development, and Network teams to investigate incidents and enhance security posture.
In detail- Configure, deploy, and maintain Checkpoint, Fortinet, F5 Advanced WAF, and AVI WAF solutions to protect critical infrastructure.
- Analyze logs and alerts to identify attack patterns and adjust rules to reduce false positives and negatives.
- Coordinate with the SOC team to automate incident response via SOAR playbooks to streamline the handling of recurring threats.
- Investigate security alerts and CVE exploitation attempts to propose and implement corrective measures.
- Document post-mortems following critical incidents to improve detection and response processes.
- Monitor emerging threats and new CVEs to adapt IPS/WAF rules and maintain a proactive defense.
- Evaluate technological upgrades, such as cloud-native WAF or AI-based anomaly detection, to modernize security capabilities.
- Collaborate with DevOps teams using Ansible to integrate security from the design phase.
- Conduct security audits and configuration reviews to ensure compliance with NIS2, ISO 27001, and PCI-DSS standards.
- Facilitate workshops on WAF best practices and OWASP Top 10 risks to support internal team knowledge.
The strengths and skills that will help you succeed- Engineering or Master's degree in Cybersecurity, Networking/Telecoms, or Information System Security.
- The knowledge of English is required.*
- Minimum 5 years of experience in operational security and critical infrastructure protection.
- F5 Advanced WAF and AVI WAF configuration for security rule optimization.
- Checkpoint and Fortinet technologies for firewall management.
- TCP/IP, HTTP/HTTPS, and TLS protocols to mitigate MITM, SQL injection, and XSS attacks.
- NIS2, ISO 27001, PCI-DSS, MITRE ATT&CK, and CIS Benchmarks to ensure regulatory compliance.
- Reasoned approach when investigating complex incidents and zero-day vulnerabilities.
- Collaborative problem solving when working with SOC, Development, and Network teams.
- Committed and supportive attitude when providing on-call support and training internal teams
*Given the vast majority of our clients, both internal and external, are based outside of Quebec and Canada, specific language requirements may apply. Professional working proficiency in English language is required
What's in it for youIn addition to competitive compensation, we offer flexible benefits including a family and spouse insurance program, a defined contribution pension plan and paid days for volunteering. Hybrid work arrangements are available for most positions. In-office presence is required a minimum of 3 days per week, one of which must be on a Monday and/or a Friday. BNP Paribas provides excellent training and personal development programs, as well as opportunities for career development within the company and internationally.
To find out more about our range of benefits, click here
What you need to know- We will review candidates as they apply, so don't wait to submit your application;