Join our Team
About this opportunity
We are now looking for a Security Vulnerability Specialist professional for our Managed Security team. This job role is responsible for identifying, researching, prioritizing, remediating, and mitigating vulnerabilities as part of the vulnerability management program.
What you will do
• Daily operations and maintenance of vulnerability scanning tools and supporting infrastructure
• Register the assets in the scanning tool and perform scanning as per the agreed schedule
• Perform Vulnerability Management, including but not limited to: supporting scan tools, implementing vulnerability scans, performing analysis, recommending / tracking mitigations
• Analyze results of penetration testing and provide executive reports with recommendations for mitigation
• Review and analyze security vulnerability data to identify applicability and false positives; recommend corrective actions for mitigation
• Publish reports as per the defined schedule on identified security vulnerabilities as well the control gaps identified during security control review
• Track remediation of vulnerabilities by using agreed-upon action plans and timelines with responsible technology developers and support teams
• Assist in metrics development and reporting
• Devise methods to automate testing activities and streamline testing processes
• Provide oral briefings to leadership and technical staff, as necessary
• Support and run vulnerability management scans of the customer systems (using tools like Tenable Nessus, Qualys, etc.)
• Plan and handshake vulnerability schedule with customers & stakeholders
You will bring
• Solid understanding of security controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security)
• Working knowledge of scanning tools (Nessus, Qualys, IBM AppScan, etc.)
• Strong understanding of enterprise, network, system and application level security issues
• Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks also with available security control (technical & process control) for respective layers
• Experience writing technical reports and executive summaries
• The ability to provide support after normal business hours
• The ability to work constructively under pressure
• Ability to work both in a team as well as individually
• Participate in the out-of-hours on call rotation, providing technical support to the business for incidents
• Knowledge sharing and collaboration skills
• Deliver results and meet customer expectations
• Excellent communication skills; English is a must
Key Qualifications:
Education: BE/ B.Tech (Telecommunication/ Computer Science)
Minimum years of relevant experience:
• 5 to 10 years' experience with at least 5 years in IT and 4 year in Security with 1-3 years of experience performing vulnerability assessments
• ITIL certification, CCSP, OSCP, Security +, CCNA Security or similar will be an advantage
• Basic knowledge of telecommunications networks will be an added advantage