The position at a glance

The Senior Security Expert is a key member of the Production Security organization, responsible for designing, engineering, maintaining, and supporting enterprise security solutions and controls. This role serves as a subject matter expert (SME) in defense technologies that protect endpoints, applications, and data across the environment. The ideal candidate combines deep technical expertise with strong leadership, collaboration, and risk-management skills.

In detail

Security Engineering & Architecture

• Own the end-to-end design, implementation, and governance of advanced security solutions and controls across the enterprise (e.g., endpoint security, data protection, EDR, DLP, email security).
• Serve as the principal SME for endpoint and data protection solutions, providing guidance on deployment, tuning, and lifecycle management.
• Champion the evaluation of emerging security technologies and advocating solutions to enhance the organization's security posture.
• Define and maintain reference architecture, engineering standards, and technical documentation.

Security Operations & Support

• Lead Tier 3 technical support and troubleshooting for complex security solution issues.
• Conduct health checks, optimization, and continuous improvement of existing security controls.
• Partner with security operations team members to investigate and remediate incidents that involve engineered security controls.

Security Assessments & Control Reviews

• Assess, test, and validate the effectiveness of security controls across infrastructure, network, endpoint, and cloud environments.
• Conduct design and implementation reviews to ensure alignment with security policy, frameworks, and best practices.
• Prioritize gaps and recommend risk-based remediation strategies.

Project Leadership & Cross-Functional Collaboration

• Lead and drive security projects from design through implementation, coordinating with IT, infrastructure, cloud, network, application teams, and business stakeholders.
• Act as a senior advisor to technical and non-technical teams, translating security requirements into actionable technical solutions.
• Present status, risks, and recommendations to leadership and stakeholders.

Technical Leadership & Mentorship

• Mentor and coach junior and mid-level engineers, fostering a culture of knowledge sharing, best-practice adoption, and proactive problem solving.
• Drive technical road-mapping initiatives and recommend strategic enhancements to support scalability and innovation.
• Serve as the primary point of contact for complex technical issues, guiding cross-functional teams through root cause analysis and effective resolution.

Audit, Risk, and Compliance Support

• Partner with GRC, audit, and risk management teams to ensure ongoing adherence to regulatory, contractual, and internal compliance requirements.
• Provide evidence and subject matter expertise during audits, assessments, and risk evaluations.
• Contribute to policy and standard development, as well as control design and validation.

The strengths and skills that will help you succeed

• Bachelor's degree or foreign education equivalent in Computer Science or Cyber Security
• 10+years of experience in production-level security engineering.
• Strong expertise in endpoint and data protection technologies (e.g., EDR platforms, DLP, encryption).
• Solid understanding of network security concepts, architecture, and related technologies.
• Experience assessing, validating, and reviewing security controls in enterprise environments.
• Demonstrated ability to lead security projects and work effectively with cross-functional teams.
• Familiarity with GRC, audit processes, and risk management frameworks (e.g., NIST, ISO, CIS).
• Technical leadership
• Analytical problem-solving
• Risk-based decision-making
• Collaboration and communication
• Autonomy and accountability
• Continuous improvement mindset

*Given the vast majority of our clients, both internal and external, are based outside of Quebec and Canada, specific language requirements may apply. Professional working proficiency in English language is required.

What's in it for you

In addition to competitive compensation, we offer flexible benefits including a family and spouse insurance program, a defined contribution pension plan and paid days for volunteering. Hybrid work arrangements are available for most positions. In-office presence is required a minimum of 3 days per week, one of which must be on a Monday and/or a Friday. BNP Paribas provides excellent training and personal development programs, as well as opportunities for career development within the company and internationally.

To find out more about our range of benefits, click here

What you need to know

• We will review candidates as they apply, so don't wait to submit your application;

• You must be legally eligible to work in the Greater Montreal area and, if applicable, hold a valid work or study permit. Physical presence in BNP Paribas' office(s) is an essential function of this position;

***While the description above describes our ideal candidate, we encourage applicants to apply even if they do not fully meet the complete list of qualifications noted***