VULNERABILITY MANAGEMENT OFFICER FLUENT IN ENGLISH (M/F) - PERMANENT CONTRACT - PORTO (JOB NUMBER: CS_ITR_602_2022)

BNP Paribas Cardif insures 100 million clients in the world. As the insurance subsidiary of BNP Paribas, it aims at being the global benchmark for insurance partnerships and the leading provider of personal insurance solutions.

Our people have extensive expertise and experience that creates tangible benefit for marketing, actuarial analysis and data management. We have in-depth understanding of our partner distributors and their industries, allowing us to optimize their insurance offering and the experience they deliver for their customers. Detailed knowledge of our partners also lets us provide support for their sales organizations and management of their networks.

For our Shared Services Center - Cardif Services based in Oporto, we are currently seeking 2 Vulnerability Management Officers M/F ? fluent in English.

The scope of this position : Corporate Cybersecurity

The Vulnerability Management Officer will actively participate on the continuous improvement of Cardif's Cybersecurity perfoimance device.

Within the area, he/she will have a transversal knowledge of Cardif Environement & Departments as he/she will work daily with different counterparts (Cardif IT, Cybersecurity teams all over the world, BNP Paribas Entities etc..)

As a Vulnerability Management Officer, your missions will consist of:

• Ensure that all Cardif assets are subject to regular vulnerability scans and that identified vulnerabilities are remediated

  
  

• Monitor the deployment of critical patches

  
  

• Ensure that all eligible Cardif assets are subject to regular penetration testing and that identified vulnerabilities are remediated

  
  

Ensure that all eligible Cardif assets are subject to regular code reviews and that identified vulnerabilities are remedied

Main functions :

Vulnerability scans:

• Ensure that all Cardif assets are covered by the vulnerability scannig tools;

  
  

• Ensure that all Cardif assets are regularly and successfully scaned;

  
  

• Examine scan tests results, prioritize and propose remediation plans and follow-up.

  
  

Critical patches:

• Analyze critical patches and identify impacted perimeters

  
  

• Alert Cardif entities impacted by critical patches

  
  

• Follow the progress of the deployment of critical patches

  
  

• Formalize and communicate a progress report
  

Penetration testing:

• Set up penetration testing tests on behalf of Cardif entities


• Analyze test results, prioritize and propose remediation plans, monitor remediation


• Control the quality and alignment with the requirements of the BNPP group of the services provided by the penetration test providers
  

Code reviews :

• Ensure that Cardif?s eligible assets are subject to regular code reviews;


• Analyze code reviews results, prioritize and propose remediation plans and follow-up.

Qualifications:

Minimum 5 years? experience in Cybersecurity ;

Very good oral and written English.

Cybersecurity experience

Vulnerability management experience

Produce regular and on demand reports about all topics

Penetration testing result analysis

Code review capabilities

MS Excel knowledge

Rigourous ;

Client oriented ;

Collaborative working skills ;

Adaptation capacity

Resilience

Analytical skills

Start date: ASAP

Contract Type: Open Ended

If your profile and motivations matches our needs, you feel motivated to join our company do not hesitate in sending us you application, we will be delighted to consider you for this position.

Please note that only applications submitted with CV, cover letter & Certificate of Studies will be considered and move forward in the application process.

BNP Paribas is an equal opportunity employer and proud to provide equal employment opportunity to all job seekers. We are actively committed to ensuring that no individual is discriminated against on the grounds of age, disability, gender reassignment, marriage or civil partnership status, pregnancy and maternity, race, religion or belief, sex or sexual orientation. Equity and diversity are at the core of our recruitment policy because we believe that they foster creativity and efficiency, which in turn increase performance and productivity. We strive to reflect the society we live in, while keeping with the image of our clients.

Primary Location

: PT-13-Porto

Job Type

: Standard / Permanent

Job

: INFORMATION TECHNOLOGY
Education Level: Bachelor Degree or equivalent (>= 3 years)
Experience Level: At least 5 years

Schedule

: Full-time