Application Production Support Professional - Vulnerabilities and patching Experts
Position Purpose
- We are seeking an experienced Senior Vulnerability e Patching specialist with proved competence in Cloud & Cybersecurity Knowledge and skill.
- The profile requires the capability to work identifying, assessing and remediating security weakness executing scanning operations, analysis, remediation plan and follow up with IT Teams.
- Working in this position, is required to work closely with cross-functional teams of various nationalities to identify vulnerabilities, assign right priority in findings and patching remediation.
- It is required continues update on emergency treads, Security CVE, OS new version release and End of Support, in aims to maintain a proactive security posture.
- The Vulnerability e Patching specialist will contribute to security management of cloud environments while ensuring compliance with regulatory and Group standards.
- The resource will be in charge of creating and sharing reporting documentation for local and group management meetings.
Responsibilities
Direct Responsibilities - Lead vulnerability and patching management processes, post detection, assessment, and remediation. Define and monitor the implementation of remediation plans.
- Oversee patch management activities to ensure systems remain secure and up to date.
- Capability to use a scanning tools to make a vulnerability scan in BNL perimeter.
- Provide expert guidance on cybersecurity risks, threats, and best practices.
- Collaborate with IT, compliance, and business units to ensure alignment with regulatory requirements and corporate security policies.
- Stay ahead of emerging cyber threats and technologies, advising on improvements.
- Support to enforce asset configuration hardening to reduce attack surfaces and strengthen security baselines.
- Contribute to the regular activity reporting and KPI calculation
- Capability to manage change and incident in scope perimeters
Contributing Responsibilities - Contribute to the knowledge transfer with BNL Production Security team
- Contribute to the definition of procedures and processes necessary for the team
- Help build team spirit and integrate into BNL BNP Paribas culture
- Contribute to incidents analysis and associated problem management
- Contribute to continuous improvement actions, especially the lessons learned from handovers to Paris
- Contribute to the acquisition by ISPL team of new skills & knowledge to expand its scope
Technical & Behavioral Competencies - Expertise in cybersecurity frameworks and practices (ISO27001, DORA, NIST, NIS2)
- Strong knowledge of CVE management and experience with vulnerability mitigation
- Solid understanding of cloud security (GCP and/or AWS)
- Knowledge of container security (Docker, Anchore)
- Practical experience in developing and implementing security policies and incident response plans
- Experience in vulnerability management tool (i.e. Nessus, Qualys and Tanium, processes, reporting, ticketing).
- Expertise in vulnerability scanning (i.e. Tenable Nessus).
- Solid understanding of patch management and related automation tools.
- High experience of using the Microsoft Office Suite and dashboarding tools.
- o Macro, VBScript, Excel formulas, PowerPoint presentation
- Practical experience in hardening asset configurations (OS, applications, databases, cloud environments and network assets).
- Knowledge of major OS (Linux, Windows, AIX) and middleware (WAS, JRE, Oracle and SQL)
- Experience with ServiceNow ticketing system
- Fluent in English (both written and spoken)
- Excellent communication-skills to work constructive and in cooperation with internal and external teams
- Analytical and problem-solving skills
- Good degree of responsibility and autonomy
Specific Qualifications (if required) - Knowledge of following tools/software will represent a preferential title:
- o Nessus/Tenable Security Center
- o Tanium
- o Power BI
- o Ansible
- o Sysdig Secure
- o Service now
Skills Referential
Behavioural Skills : (Please select up to 4 skills)
- Ability to collaborate / Teamwork
- Ability to deliver / Results driven
- Organizational skills
- Critical thinking
Transversal Skills: (Please select up to 5 skills)
- Analytical Ability
- Ability to set up relevant performance indicators
- Ability to develop and adapt a process
- Ability to understand, explain and support change
- Choose an item.
Education Level:
Bachelor Degree or equivalent
Experience Level
At least 5 years
