What if your expertise could secure millions of transactions against cyber threats?Ready to shape the future of digital trust in a top-tier European bank?Looking for a role where cutting-edge tech meets global impact—and flexibility?INDEXWho we areMissionWhat you'll doWhat you'll bringOur perksAbout BNP ParibasWHO WE ARESpain IT Production is BNP Paribas' EMEA digital backbone, with 400+ experts ensuring secure, high-performance IT services for CIB, Retail Banking, and more. From infrastructure to cybersecurity, we standardize, stabilize, and future-proof the bank's operations—24/7, across clouds and continents.MISSIONProtect BNP Paribas' digital assets as a Cryptographic Security Specialist in our Group Production Security – Defense team. You'll:- Safeguard critical systems (HSM, KMS, PKI, encryption) in hybrid/cloud environments (Office 365, IBM).- Design and deploy next-gen security solutions (BYOK, KYOK, e-signatures) for regulatory compliance and business resilience.- Bridge the gap between security policies and operational reality, ensuring Level 3 support and on-call readiness.- Automate and industrialize processes to scale security without compromising performance.Your work keeps our bank—and its clients—one step ahead of cyber threats.WHAT YOU'LL DOOperate & Evolve Cryptographic Services:- Maintain HSM/KMS infrastructures and manage cryptographic key lifecycles (generation, rotation, revocation).- Qualify and implement new security solutions (e.G., post-quantum algorithms, cloud-native encryption).- Automate key ceremonies, MSM installations, and incident response workflows.Secure & Support:- Provide L3 support for cryptographic incidents and engineer fixes under pressure.- Participate in on-call rotation (1 week/month) for 24/7 service availability.- Collaborate with IT Risk, IAM, and business lines to translate security requirements into actionable designs.Innovate & Advise:- Monitor threats (vulnerabilities, algorithm weaknesses) and propose mitigations.- Guide projects on secure authentication, data protection, and compliance (e.G., GDPR, NIS2).- Document procedures and train teams on cryptographic best practices.WHAT YOU'LL BRINGEducation: Master's degree (or equivalent) in Cybersecurity, IT, or Engineering.Experience:- 2–4 years in HSM, KMS, or PKI (e.G., Thales, AWS KMS, IBM Cloud HSM).- IT Production environment exposure (incident management, SPOC for escalations).- Cloud security (Office 365, IBM Cloud) and cryptographic protocols (TLS, RSA, ECC).Languages: Fluent English (mandatory);
French (a plus).Technical Skills:- Expert: Cryptography (HSM, KMS, BYOK), Security Architecture, UNIX/Windows Admin.- Proficient: Python/Shell scripting, IAM, Active Directory, PostgreSQL/MongoDB.- Knowledge: Network security, automation tools (Ansible, Terraform).Soft Skills:- Rigorous under pressure (on-call, tight deadlines).- Collaborative (cross-team projects, stakeholder management).- Proactive in threat intelligence and process improvement.OUR PERKSCareer Growth: Training programs, global mobility, and tailored career paths.Inclusion: D&I committees (PRIDE, MixCity, We Generations) and a psychologically safe workplace. Learn more: Diversity, equality and inclusion | BNP Paribas.Impact: 1 Million Hours 2 Help—volunteer for causes you care about.Flexibility: Hybrid model (50% remote) + flexible compensation.Balance: 32 vacation days to recharge.ABOUT BNP PARIBASA global banking leader, BNP Paribas operates in 65 countries, combining financial strength with tech-driven innovation. Our Spain IT Production Hub is a cornerstone of digital resilience, where expertise meets agility—because security is everyone's business.APPLY NOW!Ready to defend the future of banking? Submit your application today.Join a team where your skills protect millions—and your growth knows no borders.Explore more opportunities at BNP Paribas Careers.