Who We Are
The BISO I&T team acts as the strategic bridge between the Office of Information Security (OIS), Global IT, and Global Assets, ensuring that enterprise infrastructure and platforms are secure by design, technically compliant, and operationally resilient. The function translates corporate security strategy into executable technical requirements, balancing risk, standards, and delivery at scale.
What You’ll Be Doing
In collaboration with your Business Information Security Officer, your main activities will be:

• Monitor, analyze, and prioritize vulnerabilities identified across corporate infrastructure, applications, and cloud environments, ensuring alignment with internal severity models and remediation SLAs.
• Validate vulnerability alerts, assess business impact, and coordinate triage activities with asset owners, BISOs, IT operations, and security teams to drive timely remediation.
• Oversee the end-to-end vulnerability lifecycle, from discovery and classification to remediation tracking, closure verification, and compliance reporting.
• Support security posture improvement initiatives by analyzing recurring weaknesses, identifying systemic gaps, and recommending corrective or preventive measures.
• Produce clear dashboards, reports, and metrics to communicate risk exposure, remediation progress, SLA adherence, and posture improvement trends to leadership.
• Collaborate with penetration testing, configuration, and threat intelligence functions to contextualize vulnerabilities and strengthen operational resilience.
• Ensure alignment with corporate vulnerability management standards, policies, and security controls, supporting audits and regulatory requirements.
• Provide expert guidance to technical teams on remediation strategies, compensating controls, and secure configuration improvements.
• Contribute to continuous improvement initiatives, unified workflows, and automation efforts that enhance the organization’s overall security posture.
• Undertake additional duties as needed.
  

What You’ll Bring Along

• A minimum of 3 years of experience in the information security field and the responsibilities described above, especially related to vulnerability management and SecOps teams.
• Experience in end-to-end vulnerability lifecycle management (discovery, classification, remediation, validation, and closure)
• Awareness of compensating controls and risk mitigation strategies
• Cross-functional collaboration with BISOs, asset owners, IT operations, and security teams experience
• Ability to provide expert security guidance to technical teams
• Continuous security improvement mindset
• Strong written and verbal communication skills for both technical and non-technical audiences
• Awareness of corporate security controls, policies, and standards
• Analytical and problem-solving skills
• Attention to detail and strong organizational skills
• Ability to manage multiple priorities and deadlines
• Adaptability and willingness to undertake additional duties as needed
• Excellent command of English language
  

Show more
Show less