Responsibility
- Assist within the responsibility for analyzing the vulnerabilities' data from multiple sources (i.e. external/internal penetration testing, internal/external vulnerability scanning, etc.) across multiple technologies and dynamic surroundings together with infrastructure and applications to determine risk factors.
- Review & Monitor VM tool operations and co-ordinate Troubleshooting exercise.
- Assist in working with the Business to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the selection of cost-effective security controls to mitigate identified risks
- Provides analysis of vulnerabilities to other team members to assist in support and resolution with overall vulnerability remediation efforts
- Provides analysis and validation post remediation, opportunities for improvements
- Recommend approaches for addressing vulnerabilities include system patching, deployment of specialized controls, code or infrastructure changes, and changes in development processes.
- Perform Remediation Governance and provide Executive Dashboard representation.
- Execute the vulnerability lifecycle management strategy across the organization
- Assist in interfacing with third-party vendors in improving the vulnerability management process
- Monitor news and intelligence feeds on a daily basis to proactively identify vulnerabilities that may impact the organization
- Continue self-development of knowledge, skills and abilities to better support execution of the Cybersecurity capability
Experience:
- Total of 7 to 10 years in IT technical role with at least 5 years’ experience in vulnerability management and compliance monitoring.
- Bachelor’s Degree in Computer Science or equivalent
- Demonstrated experience in cybersecurity vulnerability management and analysis.
- Well conversant in VM tool - Tenable (Mandatory) covering both VM & Policy compliance scanning. Other tools knowledge like Qualys, Rapid7 & MS Defender will be preferred in addition.
- Experience in defining, implementing, and consulting for vulnerability management framework based on enterprise security requirements.
- Overall knowledge in VM process and remediation Governance. Ability in working with the Business to effectively communicate the risks of identified vulnerabilities and recommend approach for addressing vulnerabilities.
- Holds experience in delivering Risk and Compliance management services for a client-based delivery environment.
- Good problem solving capability, team player, good communication and documentation skills.
- Handle multiple tasks with different group in a team in a wider domain.
- Ability to prepare Informative Presentation & MIS documentation.
- Ready to work in shifts (24x7 in rotation)
- Should be working as per policies & procedures in compliance with Information Security recommendations.
- Self-driven to take individual initiatives and able to work with minimal guidance.
