Location
Mumbai | India
Job description
Job Title: Senior Specialist
Skills: Vulnerability Management + Qualys +MS Defender
Location : Mumbai / Pune / Bangalore / Hyderabad / Chennai / Delhi / Indore / Nagpur / Bhubaneshwar / Jaipur / Kolkata
Exp: 08 - 12yrs
Job Description: - Having Basic knowledge Vulnerabilities, system weakness, patching process vulnerability mitigation process.
- Review the application design, architecture, business flow, implementation and identify security testing scope and recommendations.
- Execute penetration test validating against Industry standard test check list and document every results.
- Identify the security issues, weakness and suggest counter measures for remediation and security improvements.
- Prepare security assessment report leveraging the customized template with POCs.
- Adept at selecting and utilizing appropriate technologies to solve complex problems effectively.
- Keep up to date with evolving cyber threats and identify any new and sophisticated methods of detecting vulnerabilities
Knowledge & Skills : - Beginner + Knowledge Operating systems, Basic Network knowledge, Vulnerabilities management processes, analysis of vulnerabilities, exception/False positive analysis, Vendor Advisory handling.
- VA tool administration/basic configuration level knowledge (menus/option, running scans, asset group, profiles/templates, Qualys Agent workflow, deployment, solution level troubleshooting etc.,) and its modules, VM process
- Knowledge of Microsoft excel commands/function/ pivots etc. for reporting.
- integrations process (Qualys/SNOW/ automation tool in place. etc.)
- Attending internal/client calls
- Intermediate + Good Network knowledge (function of routers, Gateways security tools, Firewall etc., troubleshoot reported vulnerabilities, help remediation teams with additional inputs, review and publish vendor Advisories, vendor management (interacting with vendor/TAMs etc., )
- Team handling (cross skill team, conduct internal trainings.
- Vulnerabilities, Vendor Advisory analysis and publish reports.
- End-to-End VA tool administration, understand integrations ( Ticketing tools), manage and finetune advance configuration (design report templates etc., solution design knowledge, advance level troubleshooting etc.,) and knowledge of additional modules and deployment.
- Knowledge of security process/SLAs, solutions/status reporting)
- Handling client/LTIM security team/CISO levels (Interacting with client, handling calls, prepare, review and present VM status/risk level posture,), handling internal remediation calls.
- Work on VM enhancements, review additional modules, 3rd party solution and recommend as needed for Client environment. prepare the documents/SOPs etc.
- Highly customer focused and motivated with willingness to take ownership/responsibility for their work and ability to work both independently and in a team-oriented environment.
- Exceptional behaviors and interpersonal skills.
- Effective oral and written communication
- Able to perform Triaging, Vulnerability Management & handling internal teams, management, and client security teams and Vendors calls handling
- Team management.
Education Background : - 6-10+ years of hands-on experience in Security/PEN Testing practices.
- Hands-on experience in application penetration testing (Web, API, Mobile, Thick Client) without or with tools such as but not limited to...Kali Linux, Burp Suite, Nmap, ZAP, Metasploit, Nessus, etc.
- Good Knowledge and experience on OWASP Top 10 Methodologies, SANS Top 25 and how to effectively remediate vulnerabilities associated with each.
Industry Certifications : CEH, VM tool solution level certifications, other security solution
Job tags
Salary