Type de contrat :
Fixed-Term Contract

Vulnerability Management Specialist

Modified on 12/07/2026

  • Lieu : Singapour - Singapore
  • Secteur : IT, Digital et Data
  • Numéro de l'offre : 2026-114198

Job description

Position
Data Security Services team in Singapore is responsible for day-to-day operational services on the infrastructure of Europe (mainly France and UK) and Asia remotely from Singapore. France infrastructure represents approximately 80% of the worldwide production activities of CA-CIB in Singapore.    
Team works in Asia and Europe time zones, and this role will be aligned primarily to France, UK and SGP working hours. Flexible rotations are allowed based on the nature of duties.   
The operational support of the team covers the following technical scope:   
Vulnerability Management Service 


Responsibilities
Vulnerability Management Specialist is an individual role within the Data Security Services team and will be responsible for owning the Vulnerability Management. The individual is supported by platform teams for remediation actions. 
The position is pivotal for driving the process with various cross-functional (transverse) IT teams. 
Person will be responsible for following (but not limited to) responsibilities in day-to-day work: 
People will be responsible for preparing the Vulnerability Management Plan and the executes plan through all the phases of Vulnerability Management Lifecycle. 
Ensures that the Vulnerability scans are scheduled, configured in tool and are executed as per the schedule. Any failure of scans is to be investigated and scheduled to re-run. 
Conducts periodical discovery of IT Assets and ensures that identified assets are highlighted to CMDB owner for appropriate Asset tagging and onboards the new asset in Vulnerability Management tool. 
Assess the identified vulnerabilities and study & understand the risk profile, impact as per environmental context. 
Participate and coordinate the discussions with Infrastructure and Application teams and advise them on the relevance of vulnerability and help them understand the impact. 
Understand the false positives reported and the technical limitations of the environment and facilitate the process of Risk Acceptance.  
-          Person will be responsible to liaise with various stakeholders for proposing and maintaining the approvals for such cases.
Collaborate with Infrastructure teams- Windows, Unix, Networks etc. for the remediation of the identified vulnerabilities.  
Maintain the Vulnerability Dashboard for the scope and submit reports both of technical teams and Management Reporting. 
Organize work to achieve compliance with established KPIs for Vulnerability Management and proactively work towards achieving the same. Maintain periodical reporting on progress. 
Escalate- discuss and consult- as required to next levels and Management in timely manner. 
Provide Specialist level for the Vulnerability Management service.

Complément

• Lead the Penetration testing remediation planning with cross functional teams.
• Conduct new threat exposure scanning across the asset scope and advise the applicability and lead remediation exercises with cross functional teams.
• Participate in meetings with various stake holders as per the schedules.
• Liaise with different teams in different geographical zones.
• Propose, plan and execute Service improvements initiatives.
• Adhere to different policies set out by the organization.
• Prepare and provide different reports (weekly/monthly/ad-hoc) to the Manager as necessary.
• Maintain appropriate knowledge required for successful and efficient delivery of responsibilities.
• Keeping abreast of new threats and vulnerabilities and providing analysis as per applicability.
• Comply with all applicable legal, regulatory and internal Compliance requirements, including, but not limited to, the Singapore Compliance manual and Compliance policies and procedures as issued from time to time; Financial Security requirements, including, but not limited to, the prevention of Financial Crime and Fraud including reporting obligations to the Money Laundering Reporting Officer.

  • Minimum level of study
    Bachelor Degree / BSc Degree or equivalent
    Training / Specialization
    Degree and above in relevant discipline 
    Qualifications and Profile
    8 -10 years of IT experience with 4-7 years of IT Security experience and 4+ years of experience in managing Vulnerability Management process for an enterprise.  
    Professional Certifications (highly preferred)  
    -          Certified Information Systems Security Professional (CISSP)
    -          GIAC Enterprise Vulnerability Assessor (GEVA), or any other Vulnerability Management Certification
    -          CREST certification
    Working & hands-on experience in managing Vulnerability Management process;  
    Strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, networks, database, and application servers.  
    Ability to assess vulnerabilities and prioritize remediation planning;   
    Experience in working collaboratively with cross-functional/transverse IT teams in Production setup (Operations) mode;  
    Ability to apply Risk based approach while working on assigned responsibilities;  
    Must have working experience in administrating and operating Tenable (Nessus) Security Center vulnerability management tool for a Large enterprise level environment;  
    Good understanding of Reporting needs at various levels of organization and ability to design, create and present the same;  

    Minimum experience level
    3-5 years
    Skills needed
    • Hands-on experience of creating reports using various tools such as Excel, PowerPoint, Word in graphical formats, trending;
    • Experience in working with any BI tools like Power BI etc. to prepare the dashboard;
    • Knowledge of different domains of Information Security;
    • Working experience in financial organization is highly preferred;
    • Excellent in analytical, communication and documentation skills;
    • Ability to organize work and be able to priories work as per the operation’s needs;
    • Must have strong understanding of ITIL processes and be comfortable working in process-oriented environment;
    • Ability to work independently and as well as a part of team and is able to work under minimal supervision;
    • Should have time management skills and able to manage work in fast moving environment;
    • Excellent written and oral English language skills.
  • About Crédit Agricole Corporate and Investment Bank (Crédit Agricole CIB)

    Crédit Agricole CIB is the corporate and investment bank of the Crédit Agricole group, the 10th largest banking group in the world *.

    We support major companies and financial institutions in their development and the financing of their projects.

    As pioneers in responsible finance, social and environmental commitments are at the heart of our activities.

    Joining our teams means working in a multicultural environment, both dynamic and stimulating, where you will contribute to developing a sustainable economy.

    We support employees throughout their journey: you will develop your skills and access various mobility opportunities among the diversity of our businesses in more than 30 international locations.

    Our culture is built on collaboration, innovation and openness, where everyone is valued and empowered.

    By working every day in the interest of society, Crédit Agricole CIB aligns with the Group values committed to diversity and inclusion and placing people at the heart of all its transformations.

    All our jobs are open to people with disabilities. We welcome applications from candidates of all backgrounds and experiences.

    Ready to take part in our mission ?

    *By balance sheet size - The Banker, Juillet 2025

Crédit Agricole CIB

Crédit Agricole CIB

Vulnerability Management Specialist

Published the 12/07/2026

Type de contrat :
Fixed-Term Contract
  • Singapour - Singapore
  • IT, Digital et Data
  • 2026-114198
Join
-us

Our benefits

Your commitment to society

We support various causes through our solidarity initiatives and charitable activities.

Our employees actively participate in these programmes and making a meaningful difference in our communities.

Your professional development

We support employees throughout their career journey. You will have opportunities to develop your skills through diverse training programmes tailored to your role and goals.

You will have access to various mobility opportunities across our diverse businesses and 30+ locations.

Your work environment

Employees of Crédit Agricole CIB entities may work remotely if their role is eligible. The number of remote working days varies by country.

Many of our employees have moved into new workspaces designed to increase flexibility and foster collaboration.

Your employee benefits

As a responsible employer, Crédit Agricole CIB provides, where applicable, salary continuation and insurance coverage for employees in the event of major life circumstances such as illness, workplace accidents, disability.

With a strong commitment to parenthood, we are committed to supporting employees through parenthood with paid maternity and paternity leave.

Your compensation

Your compensation may comprise fixed & variable components based on your responsibilities, skills & performance.

Depending on your country, you may be offered the opportunity to participate in Crédit Agricole Group’s capital increases

Your onboarding

The « Welcome on board » programme will give you a chance to discover Crédit Agricole CIB’s organisation, teams, and discover Bank’s business culture. You will be invited by HR team to a welcome session within 3 months of arrival.

These offers may interest you!