A propos de Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)
Crédit Agricole CIB est la banque de financement et d'investissement du groupe Crédit Agricole, 10ème groupe bancaire mondial en taille de bilan 2021 (The Banker, juillet 2022).
Près de 8600 collaborateurs répartis dans plus de 30 implantations en Europe, Amériques, Asie-Pacifique, Moyen-Orient et Afrique du Nord, accompagnent les clients de la Banque dans la couverture de leurs besoins financiers à travers le monde.
Crédit Agricole CIB propose à ses clients grandes entreprises et institutionnels une gamme de produits et services dans les métiers de la banque de marchés, de la banque d'investissement, des financements structurés, de la banque commerciale et du commerce international.
Pionnier dans le domaine de la finance Climat, la Banque occupe aujourd'hui une position de leader sur ce segment avec une offre complète pour l'ensemble de ses clients.
La majorité des postes est éligible au télétravail dans les conditions prévues par notre accord reposant sur le double volontariat (collaborateur & manager) et après une période d'intégration réussie.
Crédit Agricole CIB s'engage en faveur de l'insertion des personnes en situation de handicap, ainsi ce poste est ouvert à toutes et à tous.
Pour plus d'information : www.ca-cib.fr
Twitter : https://twitter.com/ca\_cib
LinkedIn : http:///company/credit-agricole-cib/ Summary
The Head of Vulnerability Management will lead the enterprise-wide vulnerability detection, assessment, and remediation efforts to safeguard the bank's infrastructure, applications, and data. This role will develop and execute a risk-based vulnerability management program that aligns with regulatory requirements and industry best practices. The ideal candidate will work cross-functionally to drive remediation efforts, enhance security posture, and provide executive-level reporting on vulnerabilities and risk exposure. This position requires a strong leader with deep technical expertise and experience in financial sector cybersecurity governance.
Key Responsibilities
Vulnerability Program Leadership
o Develop and manage the enterprise vulnerability management strategy, ensuring alignment with security frameworks and regulatory requirements.
o Establish policies, procedures, and standards for vulnerability identification, assessment, and remediation.
o Maintain executive-level reporting on vulnerability trends, risk posture, and remediation effectiveness.
o Continuously evaluate and enhance program maturity through automation and process improvements.
Vulnerability Scanning & Assessment
o Manage enterprise-wide vulnerability scanning tools and processes to detect security weaknesses.
o Perform regular scanning and testing across infrastructure, applications, and cloud environments.
o Analyze scan results to prioritize vulnerabilities based on risk, exploitability, and regulatory impact.
o Ensure comprehensive coverage of all assets through asset discovery and inventory validation.
Remediation & Risk Mitigation
o Collaborate with IT, DEVOPS, and application teams to ensure timely remediation of identified vulnerabilities.
o Develop and track key performance indicators (KPIs) to measure remediation effectiveness.
o Provide guidance on compensating controls and risk acceptance when remediation is not immediately feasible.
o Establish escalation processes for high-risk vulnerabilities requiring urgent action.
Threat Intelligence & Vulnerability Prioritization
o Integrate threat intelligence feeds to correlate vulnerabilities with real-world threats and exploits.
o Align vulnerability management efforts with emerging threats, zero-day vulnerabilities, and adversarial tactics.
o Leverage frameworks such as MITRE ATT&CK to enhance risk-based prioritization.
o Coordinate with incident response teams to analyze vulnerabilities exploited in security incidents.
Compliance & Regulatory Alignment
o Ensure adherence to financial industry regulations, including FFIEC, and NYDFS.
o Support internal and external audits by providing evidence of vulnerability management controls.
o Maintain documentation of vulnerability management activities for compliance reporting.
o Align remediation efforts with compliance deadlines and security control objectives.
En cliquant sur "JE DÉPOSE MON CV", vous acceptez nos CGU et déclarez avoir pris connaissance de la politique de protection des données du site jobijoba.com.