|
RESPONSIBILITIES
|
- Working on Vulnerability Management Program focused on ensuring that vulnerabilities within the organization are quickly identified, triaged, tracked, and appropriately remediated.
- Working with cross-functional, global stakeholders to drive remediation programs and ensuring proper remediation of vulnerabilities till closure.
- Working on various vulnerability scanning reports- Assessing, validating, and triaging vulnerabilities- Ensure organizational vulnerabilities are properly documented, tracked, and addressed.
- Working closely with internal stakeholders to address reported vulnerabilities to ensure timely remediation or approved exception and ad-hoc scan.
- Clearly advises stakeholders and technical teams on vulnerabilities, criticality, impacts, and remediation to meet information security standards.
- Develops remediation reports, out briefs, and scorecards addressing risk, vulnerability, and organizational progress.
- Providing regular reports and updates to senior management on the status of the vulnerability management program, including progress on remediation efforts and any critical vulnerabilities requiring immediate attention.
- Working on all other Security, Risk & Compliance issues within the Organization.
|
|
REQUIREMENT
(Experience, Qualification, Knowledge & Skills)
|
- 8-10 years of IT experience
- Experience in IT, Cybersecurity, Risk / Vulnerability Analysis or Management, or related fields.
- Bachelor’s degree in computer science, Engineering, or related field.
- Strong knowledge of vulnerability management processes, tools, best practices, and vulnerability validation and triaging.
- Experience with industry-standard enterprise vulnerability scanning offerings, such as Qualys, Nexus IQ, Fortify, Key light, Datamart, Splunk etc.
- Strong communication and collaboration skills with the ability to work effectively in a multi-vendor environment.
- Vulnerability Management experience within containerization platforms (Docker, Kubernetes, etc.) and major cloud environments (AWS, Azure etc.)
- Familiarity with security frameworks and standards, such as PCI DSS, NIST, ISO 27001, OWASP Top 10, or Critical Security Controls.
- Strong communication skill and time management skill.
- Ability to prioritize task and ensure delivery under tight schedule.
|
