Job Description

About BNP Paribas India Solutions:


Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union's leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.


About BNP Paribas Group:



BNP Paribas is the European Union's leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group's commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability



Commitment to Diversity and Inclusion



At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.



About Business line/Function:


BNP Paribas IT teams are providing infrastructure, development and production support services to all applications used worldwide by all business lines. There is a great variety of technologies and infrastructures from legacy systems to cutting edge Cloud technologies.


Within BNP Paribas Group IT, the filiere "FORTIS" oversees operationally to the challenges of IT applications with an end-to-end vision and consistently across the Bank. Several domains of these filiere contribute to this, including the domain "Service Offering DevOps", which provides the DevSecOps platform for IT Group, Control Center, DB Activities and move to Cloud project.


BNP Paribas Fortis is a bank that is responsible and socially committed. The environment, diversity, cultural support, sponsorship... Through various and concrete ways, we are dedicated to meeting our customers' expectations and proud to demonstrate our values: responsible, human, innovative and enthusiastic


Job Title:


Web Security Engineer - APIGEE


Date:


Jul 2024


Department:


ITGP


Location:


Chennai


Business Line / Function:


BNPP FORTIS


Reports to:


(Direct)


ISPL ITG OPS


Grade:


(if applicable)


(Functional)


ITGP/FORTIS


Number of Direct Reports:


N/A


Directorship / Registration:


NA


POSITION PURPOSE
--------------------


The Application security squad within Agile Production Services Tribe will work together with the existing Web Design and Web Application Firewall squads for the technical design, installation, set-up, industrialization, management, support and documentation of the BNP Paribas Fortis Web Security Infrastructure


BNP Paribas Fortis needs Web Security Engineers specialized in APIGEE to reenforce the Application security squad, to develop, maintain and migrate GW security policies for multiple customer centres within an efficient Agile SDLC for the API Management platform. You will work cross-functionally with Architects, Engineers, and Business Analysts, across multiple teams.


Responsibilities


The mission has various aspects:


• Design, deliver and support the integration layer between operating systems and business applications within distributed environments for B2B, B2C and Web information exchange solutions.


• Focuses on the integration of web application in the Web Infrastructure for the intranet as well as for the DMZ.


• Design, develop, and implement Restful APIs using Java and related technologies.


• Proficiency in using preferred IDEs, such as IntelliJ IDEA, Eclipse, or Visual Studio Code.


• Write, configure, and maintain API proxies on Apigee (OPDK).


• Excellent knowledge in JAVA, JAVA8, JAVA11, JAVA17, J2EE, Spring Boot, Spring MVC, JPA, Hibernate, DevOps, CICD, Jenkins, REST APIs, Swagger.


• Creation of swagger files and generating API proxies using the swagger files.


• Develop custom policies and extensions in Java for Apigee API Gateway.


• Write and maintain Java callouts for complex logic processing within Apigee proxies.


• Utilize Java to build reusable components and frameworks for API development.


• Develop and manage Java-based microservices to support API functionalities.


• Implement and maintain Java-based monitoring and logging solutions for APIs


• Development of new API's and Enhancement of existing API's for the proxies


• Design, develop, and implement API proxies and policies using Apigee Edge.


• Experience with SOA, SAML, SSO, OAuth2, OpenID, JWT, Base security, certificate configuration, SSH, TLS Understanding of architecture and design Microservices, micro gateways (preferably APIGEE), Istio, TCP, TLS, SSH, Jenkins, CICD tools.


• Participate in the migration of the API SOAP to RESTful, XML to JSON


• Assist and active participation in production support (incident, problem and change management) for the Web Security squads.


• Help clients with digital transformation through API Management and API Security.


• Architect solutions with clients, based on company standards and best practices.


Assist technical support in troubleshooting customer issues.


• Share knowledge with colleagues on technology subjects, solutions, best practices on vendor specific and also on generic security components.


• Establish and document installations, guidelines, policies and procedures for relevant stakeholders as well customer-facing technical documentation.


• Monitor and report on Infrastructure availability and performance.


• Participate in the automation and industrialization of our assets.


• Participate in the On-Call calendar (7/7 from 18:00 - 7:30)


Preferable:


• Proven experience in security of Web Infrastructure in financial services


• Good Understanding of KPS architecture and its relationship with Cassandra DB.


• Setup API Gateway and API Manager


• Experience in Java, JavaScript, or Groovy or python


TECHNICAL & BEHAVIORAL COMPETENCIES
---------------------------------------


• Proven experience in Apigee API management and development.


• Strong proficiency in Java programming, including Java callouts in Apigee.


• Experience with Java frameworks such as Spring Boot, Hibernate, or similar.


• Deep understanding of object-oriented programming (OOP) principles and design patterns.


• Experience with RESTful API design and implementation.


• Proven experience in designing and developing robust, secure, scalable API solutions with APIGEE products.


• Hands on knowledge with API Gateway Policy- and Secure API- development


• Good knowledge on: XML/XSLT, REST API, SOAP WebService


• Experience in securing the End Point with API Key, OAuth 2.0 (with JWT, Authorization code, client credentials, Implicit), SSL, MA, Basic Authentication.


• API Gateway CI-CD Implementation using Jenkins and Gitlab.


• Practical & good knowledge on: Web access management, web access security concepts, web authentication practices, PKI, certificates, Mutual Authentication, Kerberos Authentication, TLS, Federated Identity


• Practical knowledge of OAuth framework


• Experience to create Policies based on data routing, URL rewrite, request and response conversion, IP whitelisting/blacklisting, Throttling, external connection with database (MySQL) etc.


• Generic knowledge on firewalls, application firewalls, load balancers, networking principles, DMZ, network security


• Experience with RESTful API design and implementation.


• Knowledge of API security standards and practices.


• Familiarity with API testing tools such as Postman or SoapUI.


• Strong critical thinking skills and attention to the details.


• Good working knowledge in Linux environment.


Preferable:


• Proven experience in security of Web Infrastructure in financial services


• Good Understanding of KPS architecture and its relationship with Cassandra DB.


• Setup API Gateway and API Manager


Experience in Java, JavaScript, or Groovy or python


SPECIFIC QUALIFICATIONS (IF REQUIRED)
-----------------------------------------


• Agile environment


• Follows the Customer processes for projects, incident and change management.


• Being standalone and team worker, analytical minded, meet commitment, ability to work in a dynamic and multi-cultural environment, flexible, customer-oriented, understand risk awareness.


• Motivated self-starter, process-oriented with high attention to detail


• Quick self-starter, pro-active attitude.


• Good communication skills, Good analytical and synthesis skills.


• Autonomy, commitment, and perseverance.


• Ability to work in a dynamic and multicultural environment.


• Flexibility (in peak periods extra efforts may be required).


• Open minded and show flexibility in self-learning new technologies/tools.


• You are customer minded and can translate technical issues into non-technical explanations.


• You are always conscious about continuity of services.


• You have a very good team spirit and share your knowledge and experience with other members of the team. Working in collaboration with team.


• Client-oriented, analytical, initiative oriented and able to work independently.


• Be flexible and ready to provide support outside of Business hours (on-call).


• Able to take additional responsibility.


• Able to work from base location Chennai/Mumbai (Whichever is your base location) during hybrid model.


• You are flexible and ready to provide support outside of Business hours (on-call).


Skills Referential


Behavioural Skills: (Please select up to 4 skills)


Ability to collaborate / Teamwork


Communication skills - oral & written


Organizational skills


Client focused


Transversal Skills: (Please select up to 5 skills)


Ability to understand, explain and support change


Ability to develop and adapt a process


Ability to develop others & improve their skills


Ability to set up relevant performance indicators


Ability to manage a project


Education Level:


Bachelor Degree or equivalent


Experience Level


At least 5 years


• Other/Specific Qualifications (if required):


At least 3 years of experience with APIGEE


At least 3 years of experience in Web Security (API GW security)


A professional experience of at least 5 years, in Java development.