We are looking for a

Vulnerability Management Analyst (Temporary)


  • Fixed Term Contract
  • Full time
  • Sydney, New South Wales, Australia
Updated on 23.03.2026

What is this position about?  

The role of the Vulnerability Management Analyst (APS) sits within IT for Securities Services (2S) at BNP Paribas SA Australia Branch. The analyst provides day‑to‑day operational support for the organization's Vulnerability Management (VM) program and assists in identifying, triaging, and coordinating remediation of security vulnerabilities across the enterprise IT landscape, ensuring timely closure in line with internal policies and regulatory requirements.

Primary Role Responsibilities

1. Vulnerability Scanning & Monitoring: Schedule, execute, and monitor automated scans. Validate scan results, suppress false positives, and maintain scan configurations.

2. Triage & Prioritisation: Review new findings, assign CVSS‑based risk scores, and classify as "Critical/High/Medium/Low". Enrich vulnerability data with asset criticality, exposure, and business impact.

3. Remediation Coordination: Create and assign remediation tickets in the ITSM tool (e.g., ServiceNow, JIRA). Work with system owners, application teams, and infrastructure groups to validate patch/apply fixes. Track progress and ensure SLA adherence.

4. Verification & Reporting: Conduct re‑scans to confirm remediation success. Produce weekly, monthly, and ad‑hoc dashboards (trend analysis, KPI compliance, residual risk).

5. Policy & Process Support: Assist in updating VM procedures, patch‑management policies, and guidelines. Contribute to security awareness campaigns related to vulnerability handling.

6. Tool & Integration Management: Maintain integrations between scanning tools, ticketing systems, CMDB, and governance platforms. Participate in tool evaluation, proof of concept, and rollout of new VM solutions.

7. Incident Response Support: Provide rapid vulnerability verification for security incidents (e.g., exploitation alerts).

8. Documentation & Knowledge Management: Document remediation steps, workarounds, and lessons learned in the knowledge base.

9. Compliance & Audits: Support internal and external audit activities by supplying evidence of vulnerability remediation and control testing.

 What is required for you to succeed?  

 Must Have 
  * Bachelor of Technology in IT or equivalent.
  * Strong experience with IT Service Management tools (ServiceNow/Remedy and Confluence/JIRA) and knowledge of ITIL processes.
  * 2-4 years in vulnerability management, security operations, or a comparable IT security role.
  * Hands‑on experience with at least one commercial vulnerability scanner.
  * Understanding of network protocols, operating systems (Windows, Linux, Unix), and common applications.
  * Familiarity with CVSS scoring and the CWE & CPE taxonomy.
  * Basic scripting/automation (PowerShell, Bash, Python) for data extraction or ticketing workflow.
  * Experience with various tools:
    o Vulnerability scanning platforms (Qualys, Tenable, Rapid7, etc.).
    o IT Service Management (ServiceNow, JIRA, Remedy).
    o Configuration Management Database (CMDB) concepts.
    o Dashboard/Reporting tools (PowerBI, Tableau, Excel).
  * Results focused: understands the strategic objectives of the business overall and of the client facing teams. Works with or delegates to ensure their achievement with a quality focus.
  * Time management: prioritizes the tasks to ensure all project deliverables are completed in a timely manner. Able to manage workflow effectively to achieve individual team goals.
  * Team delivery: contribute and participate in the team proactively. Delivers against strategy. Assist IMS and CSM teams to meet deliverables where necessary.
  * Technical knowledge: being able to pick up new tasks, processes, and knowledge quickly when completing analysis.
  * Communication: Expresses ideas effectively and clearly, both verbally and in writing, in a professional and appropriate way. Seeks clarification when not clear. For example, during training, explains the procedures and processes clearly to clients.
  * Attention to detail: When testing or rolling out a new process or system - able to identify bugs, flaws, or showstopper issues. Ensure correctness and quality of work.
  * Accountable: takes personal responsibility for all the projects assigned, delivers quality service against personal and teamwork, and seeks ways to improve.
  * Initiative: Tries to find new ways to improve current work, brings fresh ideas to problems and is always open to suggestions.

 Nice to Have 
  * Agile and Kanban Licenses/Certification.
  * Strong experience with Investment Funds' Administration either in a tech or ops capacity.

 About BNP PARIBAS  

 As the leading European Union bank, and one of the world's largest financial institutions with an uninterrupted presence in the region since 1860, BNP Paribas offers a wide range of financial services for corporate, institutional and private investors spanning corporate and institutional banking, wealth management, asset management and insurance. 

 We passionately embrace diversity and are committed to fostering an inclusive workplace where all employees are valued. We encourage applicants of all backgrounds, including diversity of origin, age, gender, sexual orientation, gender identity and religion, and applicants who may be living with a disability. We have a number of internal employee networks in place to empower our staff to act and challenge the status quo. 

  * BNP Paribas PRIDE is highly active in favour of the LGBTQIA+ community
  * BNP Paribas MixCity which fosters better representation of women at all levels of the organization
  * Ability, the mutual aid network for employees with a disability or a disabling or chronic illness
  * BNP Paribas CulturAll which celebrates diverse backgrounds

 BNP is committed to financing a carbon-neutral economy by 2050. The Group is a founding member of the Net-Zero Banking Alliance and has set up its own Low Carbon Transition Group to support its clients through their energy transitions. 

If you require any reasonable adjustments during the recruitment process, please feel free to reach out to us at au.nz.recruitment [at] asia.bnpparibas (dot) com or +61 2 9216 8633 (and ask for the Talent Acquisition Manager in the HR Team).

 https://careers.apac.bnpparibas/ 

 More information  

 BNP Paribas - Diversity & Inclusion Journey 

 BNP Paribas - The Bank Of Green Changes 

 Award Obtained 

 BNPP has won the Top Employer Europe award for the 10th consecutive year.

Corporate & Institutional Banking (CIB)

Corporate & Institutional Banking (CIB) acts as a bridge between two types of clients: corporates and institutional clients (banks, insurance companies and asset managers). CIB teams connect the financing needs of the former with the investment opportunities sought by the latter, offering them tailored solutions in capital markets, securities services, financing, risk management, cash management and financial advisory.