🔐 What if your expertise could secure millions of transactions against cyber threats?
💡 Ready to shape the future of digital trust in a top-tier European bank?
🌍 Looking for a role where cutting-edge tech meets global impact—and flexibility?
📘 INDEX
1️⃣ Who we are
2️⃣ Mission
3️⃣ What you’ll do
4️⃣ What you’ll bring
5️⃣ Our perks
6️⃣ About BNP Paribas
🏦 WHO WE ARE
🖥️ Spain IT Production is BNP Paribas’ EMEA digital backbone, with 400+ experts ensuring secure, high-performance IT services for CIB, Retail Banking, and more. From infrastructure to cybersecurity, we standardize, stabilize, and future-proof the bank’s operations—24/7, across clouds and continents.
🎯 MISSION
🔒 Protect BNP Paribas’ digital assets as a Cryptographic Security Specialist in our Group Production Security – Defense team. You’ll:
* Safeguard critical systems (HSM, KMS, PKI, encryption) in hybrid/cloud environments (Office 365, IBM).
* Design and deploy next-gen security solutions (BYOK, KYOK, e-signatures) for regulatory compliance and business resilience.
* Bridge the gap between security policies and operational reality, ensuring Level 3 support and on-call readiness.
* Automate and industrialize processes to scale security without compromising performance.
Your work keeps our bank—and its clients—one step ahead of cyber threats.
💼 WHAT YOU’LL DO
🛠️ Operate & Evolve Cryptographic Services:
* Maintain HSM/KMS infrastructures and manage cryptographic key lifecycles (generation, rotation, revocation).
* Qualify and implement new security solutions (e.g., post-quantum algorithms, cloud-native encryption).
* Automate key ceremonies, MSM installations, and incident response workflows.
🔍 Secure & Support:
* Provide L3 support for cryptographic incidents and engineer fixes under pressure.
* Participate in on-call rotation (1 week/month) for 24/7 service availability.
* Collaborate with IT Risk, IAM, and business lines to translate security requirements into actionable designs.
🚀 Innovate & Advise:
* Monitor threats (vulnerabilities, algorithm weaknesses) and propose mitigations.
* Guide projects on secure authentication, data protection, and compliance (e.g., GDPR, NIS2).
* Document procedures and train teams on cryptographic best practices.
💡 WHAT YOU’LL BRING
🎓 Education: Master’s degree (or equivalent) in Cybersecurity, IT, or Engineering.
💼 Experience:
* 2–4 years in HSM, KMS, or PKI (e.g., Thales, AWS KMS, IBM Cloud HSM).
* IT Production environment exposure (incident management, SPOC for escalations).
* Cloud security (Office 365, IBM Cloud) and cryptographic protocols (TLS, RSA, ECC).
🌐 Languages: Fluent English (mandatory); French (a plus).
🔧 Technical Skills:
* Expert: Cryptography (HSM, KMS, BYOK), Security Architecture, UNIX/Windows Admin.
* Proficient: Python/Shell scripting, IAM, Active Directory, PostgreSQL/MongoDB.
* Knowledge: Network security, automation tools (Ansible, Terraform).
🧠 Soft Skills:
* Rigorous under pressure (on-call, tight deadlines).
* Collaborative (cross-team projects, stakeholder management).
* Proactive in threat intelligence and process improvement.
🎁 OUR PERKS
🌟 Career Growth: Training programs, global mobility, and tailored career paths.
🤝 Inclusion: D&I committees (PRIDE, MixCity, We Generations) and a psychologically safe workplace. Learn more: Diversity, equality and inclusion | BNP Paribas.
🤲 Impact: 1 Million Hours 2 Help—volunteer for causes you care about.
💰 Flexibility: Hybrid model (50% remote) + flexible compensation.
🏝️ Balance: 32 vacation days to recharge.
🌍 ABOUT BNP PARIBAS
🌍 A global banking leader, BNP Paribas operates in 65 countries, combining financial strength with tech-driven innovation. Our Spain IT Production Hub is a cornerstone of digital resilience, where expertise meets agility—because security is everyone’s business.
🚀 APPLY NOW!
Ready to defend the future of banking? Submit your application today.
Join a team where your skills protect millions—and your growth knows no borders.
Explore more opportunities at BNP Paribas Careers.