CKMS & HSM IT Security Engineer
2 days ago
Madrid
🔐 What if your expertise could secure millions of transactions against cyber threats? 💡 Ready to shape the future of digital trust in a top-tier European bank? 🌍 Looking for a role where cutting-edge tech meets global impact—and flexibility? 📘 INDEX 1️⃣ Who we are 2️⃣ Mission 3️⃣ What you’ll do 4️⃣ What you’ll bring 5️⃣ Our perks 6️⃣ About BNP Paribas 🏦 WHO WE ARE 🖥️ Spain IT Production is BNP Paribas’ EMEA digital backbone, with 400+ experts ensuring secure, high-performance IT services for CIB, Retail Banking, and more. From infrastructure to cybersecurity, we standardize, stabilize, and future-proof the bank’s operations—24/7, across clouds and continents. 🎯 MISSION 🔒 Protect BNP Paribas’ digital assets as a Cryptographic Security Specialist in our Group Production Security – Defense team. You’ll: • Safeguard critical systems (HSM, KMS, PKI, encryption) in hybrid/cloud environments (Office 365, IBM)., • Design and deploy next-gen security solutions (BYOK, KYOK, e-signatures) for regulatory compliance and business resilience., • Bridge the gap between security policies and operational reality, ensuring Level 3 support and on-call readiness. 💼 WHAT YOU’LL DO 🛠️ Operate & Evolve Cryptographic Services: • Maintain HSM/KMS infrastructures and manage cryptographic key lifecycles (generation, rotation, revocation)., • Qualify and implement new security solutions (e.g., post-quantum algorithms, cloud-native encryption)., • Automate key ceremonies, MSM installations, and incident response workflows. 🔍 Secure & Support: • Provide L3 support for cryptographic incidents and engineer fixes under pressure., • Participate in on-call rotation (1 week/month) for 24/7 service availability., • Collaborate with IT Risk, IAM, and business lines to translate security requirements into actionable designs. 🚀 Innovate & Advise: • Monitor threats (vulnerabilities, algorithm weaknesses) and propose mitigations., • Guide projects on secure authentication, data protection, and compliance (e.g., GDPR, NIS2)., • Document procedures and train teams on cryptographic best practices. 💡 WHAT YOU’LL BRING 🎓 Education: Master’s degree (or equivalent) in Cybersecurity, IT, or Engineering. 💼 Experience: • 2–4 years in HSM, KMS, or PKI (e.g., Thales, AWS KMS, IBM Cloud HSM)., • IT Production environment exposure (incident management, SPOC for escalations)., • Cloud security (Office 365, IBM Cloud) and cryptographic protocols (TLS, RSA, ECC). 🌐 Languages: Fluent English (mandatory); French (a plus). 🔧 Technical Skills: • Expert: Cryptography (HSM, KMS, BYOK), Security Architecture, UNIX/Windows Admin., • Proficient: Python/Shell scripting, IAM, Active Directory, PostgreSQL/MongoDB., • Knowledge: Network security, automation tools (Ansible, Terraform). 🧠 Soft Skills: • Rigorous under pressure (on-call, tight deadlines)., • Collaborative (cross-team projects, stakeholder management)., • Proactive in threat intelligence and process improvement. 🎁 OUR PERKS 🌟 Career Growth: Training programs, global mobility, and tailored career paths. 🤝 Inclusion: D&I committees (PRIDE, MixCity, We Generations) and a psychologically safe workplace. Learn more: ___. 🤲 Impact: 1 Million Hours 2 Help—volunteer for causes you care about. 💰 Flexibility: Hybrid model (50% remote) + flexible compensation. 🏝️ Balance: 32 vacation days to recharge. 🌍 ABOUT BNP PARIBAS 🌍 A global banking leader, BNP Paribas operates in 65 countries, combining financial strength with tech-driven innovation. Our Spain IT Production Hub is a cornerstone of digital resilience, where expertise meets agility—because security is everyone’s business. 🚀 APPLY NOW! Ready to defend the future of banking? Submit your application today. Join a team where your skills protect millions—and your growth knows no borders. Explore more opportunities at ___.
Page 7