Job Description

About BNP Paribas India Solutions:


Established in 2005, BNP Paribas India Solutions is a wholly owned subsidiary of BNP Paribas SA, European Union's leading bank with an international reach. With delivery centers located in Bengaluru, Chennai and Mumbai, we are a 24x7 global delivery center. India Solutions services three business lines: Corporate and Institutional Banking, Investment Solutions and Retail Banking for BNP Paribas across the Group. Driving innovation and growth, we are harnessing the potential of over 10000 employees, to provide support and develop best-in-class solutions.


About BNP Paribas Group:


BNP Paribas is the European Union's leading bank and key player in international banking. It operates in 65 countries and has nearly 185,000 employees, including more than 145,000 in Europe. The Group has key positions in its three main fields of activity: Commercial, Personal Banking & Services for the Group's commercial & personal banking and several specialised businesses including BNP Paribas Personal Finance and Arval; Investment & Protection Services for savings, investment, and protection solutions; and Corporate & Institutional Banking, focused on corporate and institutional clients. Based on its strong diversified and integrated model, the Group helps all its clients (individuals, community associations, entrepreneurs, SMEs, corporates and institutional clients) to realize their projects through solutions spanning financing, investment, savings and protection insurance. In Europe, BNP Paribas has four domestic markets: Belgium, France, Italy, and Luxembourg. The Group is rolling out its integrated commercial & personal banking model across several Mediterranean countries, Turkey, and Eastern Europe. As a key player in international banking, the Group has leading platforms and business lines in Europe, a strong presence in the Americas as well as a solid and fast-growing business in Asia-Pacific. BNP Paribas has implemented a Corporate Social Responsibility approach in all its activities, enabling it to contribute to the construction of a sustainable future, while ensuring the Group's performance and stability


Commitment to Diversity and Inclusion


At BNP Paribas, we passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued, respected and can bring their authentic selves to work. We prohibit Discrimination and Harassment of any kind and our policies promote equal employment opportunity for all employees and applicants, irrespective of, but not limited to their gender, gender identity, sex, sexual orientation, ethnicity, race, colour, national origin, age, religion, social status, mental or physical disabilities, veteran status etc. As a global Bank, we truly believe that inclusion and diversity of our teams is key to our success in serving our clients and the communities we operate in.


About Business line/Function:


The evolving Cyberthreats landscape increases the security risk of financial sector, that leads BNP Paribas to strengthen its Cybersecurity maturity, IT risk management and Operation Resilience. Within IT Group Cybersecurity & Digital Fraud department, you will be part of a Reporting and Dashboard factory, located in Chennai, dedicated to GRC (Service Now) perimeter.


You will play a key role to develop Dashboard a Self-BI platform in Chennai, ensuring core Cyber Security activities are performed by all the entities of the Group.


Job Title:


Vulnerability Management Engineer


Date:


May 2024


Department:


ITG


Location:


Chennai


Business Line / Function:


TSC Germany


Reports to:


(Direct)


NA


Grade:


(if applicable)


(Functional)


Number of Direct Reports:


Directorship / Registration:


NA


POSITION PURPOSE
--------------------


Vulnerability Management Specialist who will be responsible for the operation and maintenance of the scanning and reporting environment. Shall work closely with the Product Owner of the Vulnerability Management Service.


Responsibilities



DIRECT RESPONSIBILITIES
---------------------------


• Operate the Tenable Scan Center environment for multiple entities:


Conduct regular and ad-hoc scans of IT assets to identify security weaknesses and confirm the successful remediation of vulnerabilities

Troubleshooting in case of failures

Administration in terms of updating/patching and enhancing the environments
• Analyze vulnerability scan results and prioritize vulnerabilities based on risk levels and potential impact.


• Collaborate with system administrators, network engineers, and software developers to implement remediation plans and patches in a timely manner.


• Expertise with CVSS feeds & CVE database and other vulnerability databases to identify known vulnerabilities and associated risk factorsProvide recommendations for improving security controls and reducing the overall attack surface.


• Transfer of the scan results into PowerBI dashboards on a regular basis


TECHNICAL & BEHAVIORAL COMPETENCIES
---------------------------------------


Technical Skills


• Proficiency in using Tenable Scan Center (all components)


• Knowledge of PowerBI reporting tool


• Familiarity with Vulnerability repositories and Asset Management approaches







SPECIFIC QUALIFICATIONS (IF REQUIRED)
-----------------------------------------


Skills Referential


Behavioural Skills: (Please select up to 4 skills)


Ability to collaborate / Teamwork


Organizational skills


Creativity & Innovation / Problem solving


Communication skills - oral & written


Transversal Skills: (Please select up to 5 skills)


Ability to understand, explain and support change


Analytical Ability


Ability to manage a project


Ability to anticipate business / strategic evolution


Ability to develop and adapt a process


Education Level:


Bachelor Degree or equivalent


Experience Level


At least 5 years


Other/Specific Qualifications (if required)


• Good knowledge and experience on Banking / Financial service would be more preferred.


• Familiar with process analysis and improvement, drafting of workflows and procedures.


• - Certification like CEH, CompTIA Security+, CISSP could be added advantage.