Job Description

In a changing world, unprecedented challenges require unmatched talent. Join one of Montreal\'s Top Employers in 2023. We are a dynamic and growing organization having its main establishment located in downtown Montreal and part of a leading international banking institution fully committed to building a more sustainable future. Note that the position may be in the Canadian Branch of BNP Paribas or in one of its subsidiaries based in Montreal.

The position at a glance

The Security Architecture (SecArch) Team is the technical arm of BNPP Application Security team. The team is responsible for integrating security into the systems development lifecycle.

The Security Architecture (SecArch) Team members assess the current state; develop recommendations; write and implement policies, standards, and processes; and implement the new approach for integrating cybersecurity into the systems development lifecycle. To be successful in this role, candidates are expected to act as subject matter experts in infrastructure, application security with a proven track record in cloud, systems design, site reliability engineering, and/or DevSecOps.

In detail

Candidates to be measured on the following four performance drivers, which will dictate how individual impact is considered on the Americas platform:

• Results and Impact

• Impacts division and influences peers and team
• Demonstrates good judgement when making decisions of high complexity and impact
• Relies on limited guidance for most complex decision making
• Is responsible for driving outcomes which have meaningful effect on team or department

Leadership and Collaboration

• Creates trust with department leaders
• Acts in leadership capacity for large projects, processes, or programs for a team

Client, Customer and Stakeholder Focus

• Able to build relationships with a mix of intermediate and senior colleagues or clients
• Interacts regularly with management and department leaders
• Demonstrates the ability to persuade and influence stakeholders at the team level

Compliance Culture and Conduct

• Takes full responsibility for personal actions and demonstrates courage in facing problems and conflicts
• Perceived as a person of high moral character; upholds corporate values and displays high ethical standards\xe2\x80\x9d

Responsibilities:

• Lead architecture evaluating security design for new and existing infrastructure, applications
• Represent, where applicable, Security Architecture role in information technology validation committees
• Develop structured recommendations to better integrate security into the IT systems development lifecycle
• Author policies, standards, and processes to facilitate effective and efficient integration of security into the IT systems development lifecycle
• Initiate and execute the security relevant processes to integrate cybersecurity into the IT systems development lifecycle to include but not limited to:

• Cyber risk assessments for IT projects
• Development and review of cybersecurity requirements for IT projects
• Review of IT architectures for relevant cybersecurity risks
• Review of available and applicable controls to mitigate cybersecurity risks to IT projects
• Provide technical guidance to address risks identified in areas such as authentication, authorization, auditing, application security, secure data transport and storage
• Act as thought leaders for addressing new security challenges such as IoT, cloud, robotics, and artificial intelligence
• Articulate security issues to technical and non-technical audience

Qualifications

The strengths and skills that will help you succeed

• Strong problem solving and analytical skills, verbal and written communication skills
• Excellent interpersonal skills and the ability to work effectively with others as a team
• Ability to work independently and effectively managing and prioritizing multiple tasks, by setting expectations and handling high-pressure situations with tight deadlines
• Articulating infrastructure and application security issues to technical and non-technical audience
• Hands on design, engineering, and migration experience in cloud, e.g. Azure, AWS, GCP, and/or IBM
• Deep understanding of OSI model
• Security devices, e.g. Firewalls, VPN, AAA systems
• OS Security, e.g. Unix, Linux, and Windows
• Understanding of common protocols, e.g. Active Directory, LDAP, SMTP, DNS, file sharing, routing protocols
• Having worked on cryptography libraries, SSL/ TLS , HSM , certificates & PKI infrastructure in programming
• Excellent understanding of information security, including emerging threats and attack methodologies
• Experience leveraging the MITRE ATT&CK Framework
• Experience interpreting networking, application data flow, and security architectural diagrams to identify attack vectors an adversary may seek to exploit
• Broad understanding of threats faced by the financial sector
• In depth knowledge of security concepts regarding application, web and infrastructure security. Understanding of current and emerging technologies and threats
• Knowledge of English is required

Preferred Qualifications;

• Bachelor\xe2\x80\x99s or Master\xe2\x80\x99s degree level qualification or equivalent
• 4+ years of experience with infrastructure engineering or architecture in the financial sector, threat modeling and risk analysis
• Information security, cloud, network, or systems engineering certifications (e.x CISSP, ISSAP, CCSP, CCSK, CCNA, GIAC)
• Excellent writing and presentation skills to communicate design and recommendations to different audiences and stakeholders
• Financial sector experience
• Programming knowledge in Python, Java and/or C++, OOP concepts, data structures
• Experience in leveraging a threat modeling tool
• Security Architecture Framework SABSA, O-ESA and OSA

FINRA Registrations Required:

Not Applicable

What\xe2\x80\x99s in it for you

In addition to competitive compensation, we offer flexible benefits including a family and spouse insurance program, a defined contribution pension plan and paid days for volunteering. Hybrid work arrangements, such as remote working up to 50% and flexible working hours are available for most positions. BNP Paribas provides excellent training and personal development programs, as well as opportunities for career development within the company and internationally.

To find out more about our range of benefits,

What you need to know

• We will review candidates as they apply, so don\xe2\x80\x99t wait to submit your application;
• If you are selected to participate in the recruitment process, please inform Human Resources of any accommodations you may require. BNP Paribas will work with you to ensure that you are able to participate fully in the process;
• You must be legally eligible to work in the Greater Montreal area and, if applicable, hold a valid work or study permit. Physical presence in BNP Paribas\xe2\x80\x99 office(s) is an essential function of this position;
• Given the vast majority of our clients, both internal and external, are based outside of Quebec and Canada, specific language requirements may apply. These will be clearly mentioned in the qualifications of the position;

Diversity, Equity and Inclusion (DE&I) at the heart of our commitments

At BNP Paribas all employees are on an equal footing allowing us to create a work environment that values and respects people for their talents, skills and competences.

BNP Paribas recruits, employs, trains, compensates and promotes regardless of race, religion, colour, national origin, sex, disability, age, and other protected status (Employment Equity Act and Canadian Human Right Act).

To learn more about our DE&I commitments,

About us

BNP Paribas is the top bank in the European Union and a major international banking establishment. Present in 65 countries, with more than 190,000 employees, the bank holds key positions in several areas of banking and financial services.

BNP Paribas\xe2\x80\x99 mission is to contribute to a responsible and sustainable economy by financing and advising its clients according to the highest ethical standards, while striving to respond to essential concerns in terms of the environment, regional development and social inclusion.

Since 1961, BNP Paribas has supported large Canadian companies and institutions in their business development by offering a full range of specialized financial services and investment products.

With over 1,200 employees, BNP Paribas in Canada continues to attract experts from diverse fields as well as ambitious young talent from around the world. We are proud to offer our employees a rewarding and international workplace where they can build their professional careers by honing their skills, meeting challenges and enriching their knowledge of the financial industry.

Our certifications and partnerships

• Montreal Top Employer 2023
• Canada\'s Best Diversity Employer 2023
• Women in Governance \xe2\x80\x93 Parity certified - Gold certification
• CCDI Consulting Inc. (Canadian Center for Diversity and Inclusion)
• Pride at Work Canada
• Rainbow Accreditation issued by Canada\xe2\x80\x99s LGBT+ Chamber of Commerce (CGLCC)
• ROSEPH \xe2\x80\x93 Grouping of specialized organizations for the employment of persons with disabilities
• IndigenousWorks
• Part of Les Affaires top 300 companies in Quebec

Do you want to discover other BNP Paribas offers in Canada?

Click here:

** Only selected applications that meet the requirements of the role will be contacted **

BNP Paribas