Vulnerability consultantPosted: April 24, 2023, 6:33 a.m. - Full Time - Bangalore
- Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work".
- Seeking an is seeking an Infrastructure Vulnerability Consultant who would be responsible for scanning the entire infrastructure of the organization and mitigating the risk.
- The candidate will be interacting with internal technology functions to ensure they are made aware and stay updated on Secure Architecture and controls.
- Candidate will be directly responsible for vulnerability management and threat management of the infrastructure and information assets.
- Core responsibilities to include assessing and promoting remediation for all the assets that reside in all the regions and data centers across the globe.
- Candidate will be a key member of the centralized information security team.
What you’ll do:
- Perform vulnerability scans and report findings for On-prem and Cloud network.
- Publish the vulnerability status reports to senior management and track remediation. Define and participate in implementation of On-prem and Cloud architecture and security controls.
- Proactive identification of threats and risk remediation.
- Plan and implement security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
- Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
- Participate in and assist with incident response team, as appropriate.
- Generate metrics for the Management as needed.
- Prepare system security reports by collecting, analyzing, and summarizing data and trends.
What we are looking for
- 8-10 years of proven experience in Information security or Vulnerability Management or Penetration testing; a Master’s degree can be substituted for experience.
- Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials.
- Bachelor’s degree in information security or Information Technology or Computer Science or related fields or from STEM.
- Deep and diverse experience architecting and implementing network security designs.
- Expert in network security, system security and endpoint security.
- Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.
- Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
- Proven experience with products dealing with vulnerability management services which include Retina, Qualys, Nessus, Nexpose, etc.
- Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).
- Excellent customer service including strong written and oral communication skills.
- Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
- Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
- Certifications such as CISM, CEH, CISSP or equivalent.
- Results focused and attention to detail.
- Ability to work in the 2nd shifts to overlap with customer hours.