OECD - OCDE

oe.cd

1 Job

5,443 Employees

About the Company

The Organisation for Economic Co-operation and Development (OECD) is an international organisation that works to build better policies for better lives. We draw on more than 60 years of experience and insights to shape policies that foster prosperity and opportunity, underpinned by equality and well-being.

We work closely with policy makers, stakeholders and citizens to establish evidence-based international standards and to find solutions to social, economic and environmental challenges. From improving economic performance and strengthening policies to fight climate change to bolstering education and fighting international tax evasion, the OECD is a unique forum and knowledge hub for data, analysis and best practices in public policy.

Our core aim is to set international standards and support their implementation – and help countries forge a path towards stronger, fairer and cleaner societies.

Listed Jobs

Company Name
OECD - OCDE
Job Title
Vulnerability Management Officer
Job Description
**Job title**: Vulnerability Management Officer

**Role Summary**: Lead the OECD Digital Security Office’s vulnerability management program, proactively identifying, assessing, and remediating security flaws across all digital assets to reduce the organization’s attack surface and support compliance with OECD policies and industry standards.

**Expectations**:
- Deliver timely, effective vulnerability management solutions across diverse platforms (SaaS, PaaS, on‑premise, web, bespoke).
- Maintain a high level of technical rigor and policy compliance in line with CIS Controls, OWASP, and OECD‑specific guidelines.
- Foster collaboration with technical, privacy, and risk teams to ensure coordinated remediation and continuous improvement.

**Key Responsibilities**:
- Conduct comprehensive vulnerability scans and prioritize findings.
- Oversee remediation workflows, ensuring closure within agreed SLAs.
- Plan and execute advanced security assessments, including annual Red‑Team exercises and penetration tests.
- Advise on control recommendations during Digital Solution Risk Assessments (DSRA).
- Issue mandatory notifications for remediation, track patching and control implementation, and monitor compliance.
- Contribute to the development, implementation, and continuous improvement of digital security policies, technical compliance frameworks, and vulnerability management protocols.
- Ensure alignment with OECD’s Patch Management Policy and relevant guidelines.

**Required Skills**:
- Strong knowledge of vulnerability assessment tools (e.g., Nessus, Qualys, OpenVAS).
- Experience with penetration testing techniques and red‑team methodologies.
- Proficiency in interpreting and applying CIS Controls, OWASP Top 10, and ISO/IEC 27001.
- Ability to develop remediation plans, reach consensus, and track progress.
- Excellent communication skills for technical documentation and cross‑functional coordination.
- Familiarity with patch management processes and compliance monitoring.

**Required Education & Certifications**:
- Bachelor’s degree in Computer Science, Information Security, or related field.
- Professional certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or CISSP highly preferred.
Paris, France
On site
14-01-2026