UKG
Location
Noida | India
Job description
Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for Learn more at
Description About the Team: This hybrid position is responsible for all tasks related to vulnerability management in a complex environment that demands one to stay current with emerging technologies and vulnerabilities. Attributes we will look for in our candidates include excellent technical and analytical skills, communication and flexibility, innovative thinking and problem solving. About You You will assess findings from SAST, SCA, and CSPM tools and contribute to the enhancement of our vulnerability management program's maturity. Collaboration with cross-functional teams to prioritize and mitigate security backlogs will be key to your success. The ideal candidate will demonstrate a thorough grasp of the software vulnerability lifecycle, effectively guiding from detection to mitigation. Responsibilities Drive vulnerability management tasks inside the company, including processing findings, tracking items and their remediation, analyzing trends and reporting Maintain a working knowledge of current and emerging AppSec threats, such as how they work, remediation and exploitability factors Map vulnerability assessment results to asset inventory Recalculate severity for risks that decrease due to exploitability limitations and threats, prioritizing vulnerabilities based on residual risks Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to a level acceptable Aide in creation of vulnerability metrics and remediation-related dashboards and reports Liaise with stakeholders to understand, prioritize, and coordinate vulnerability remediation activities Maintain awareness of publicly disclosed vulnerabilities (CVEs) and potential vulnerabilities (rumors, blogs, partial public analysis) Engage cross-divisional teams and oversee the implementation of security recommendations by leveraging appropriate communication methods, tracking remediation of identified risks, mitigation strategies, plan activities and dependencies Execute responsibilities with an understanding of the Global Security vision, strategic objectives, and priorities Qualifications Basic Qualifications: Solid understanding of the OWASP Top 10 and emerging attack vectors Previous experience with vulnerability management lifecycle. Experience with application vulnerabilities scanning tools (SAST, SCA) such as Checkmarx, Blackduck, GitHub Advanced Security. Excellent written and verbal communication skills. Has good organizational and interpersonal skills and experience in interacting successfully with both technical and non-technical people. Demonstrated ability to work well independently with little input, and as a part of a team. Preferred Qualifications Previous experience with programming or scripting Experience with public cloud infrastructure and cloud security posture management (CSPM) tools such as Wiz or Orca Ability to fully understand business requirements and work with business partners to define appropriate solutions, meeting both security mandates and business needs Preferred certifications: OSCP, GMON, GWAPT, GXPN, GPEN, GWAPT or OSWE. Bachelor's Degree in Information Systems, Computer Science or related discipline or equivalent work experience. Equal Opportunity Employer Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws. View The EEO is the Law poster and its supplement.Job tags
Salary
