Job Title: Lead Consultant - Remediation EngineerCareer level: EIntroduction to roleWe are looking for a diligent and analytical Risk Remediation Engineer to join our growing team. This individual will play a critical role in analyzing the findings from penetration tests and other security assessments, conducting thorough root cause analysis, and driving the remediation process. You will work closely with subject matter experts (SMEs) across various technology teams to identify effective remediation steps and implement them to address technical risks. Additionally, you'll help improve our risk management program by monitoring metrics, tracking progress, and reporting on remediation efforts.AccountabilitiesFindings Analysis & Root Cause Analysis: Review findings from penetration tests (pen tests), dissect vulnerabilities, and conduct root cause analysis to understand the underlying issues. Identify the most effective remediation steps for each vulnerability.Collaboration with SMEs: Work alongside SMEs from various IT teams (e.g., network, development, infrastructure, applications, cloud, SaaS, security) to develop and implement effective remediation solutions that address identified risks.Remediation Solutioning & Deployment: Architect, design, and deploy risk remediation solutions based on analysis, ensuring they align with organizational security requirements and best practices.Risk Mitigation & Tradeoff Analysis: Assess and evaluate alternative solution approaches, considering potential tradeoffs related to risk, cost, implementation time, and business impact.Improving Program Development: Aid in improving the risk remediation program through monitoring performance indicators and progress. Document and report on the progress of remediation efforts, ensuring the program is continuously improving.Compliance & Reporting: Ensure remediation activities align with industry standards, regulations, and best practices (e.g., NIST, ISO). Produce detailed reports for stakeholders on remediation progress and outcomes.Stakeholder Communication: Effectively communicate risk findings, remediation strategies, and status updates to both technical and non-technical stakeholders across the organization.Essential Skills/ExperienceTechnical depth to understand findings, and identify root causes, architect and design remediations.Demonstrable experience in risk analysis, vulnerability management, and/or IT security.Solid experience in analyzing penetration test results and identifying the root cause of vulnerabilities.Familiarity with common penetration testing tools and techniques.Ability to work multi-functionally with IT teams to design and implement remediation solutions.Strong problem-solving skills with the ability to develop actionable and effective remediation strategies.Experience in risk assessment, mitigation, and management, with an understanding of risk management frameworks and best practices.Skilled at recording metrics, tracking progress, and improving programs continuously.Knowledge of security standards and frameworks (e.g., NIST, ISO, SOC 2).Good communication skills, both written and verbal, with the ability to clearly explain technical issues to non-technical collaborators.Desirable Skills/ExperienceExperience with attack chain and ability to analyze and quantify risk based on other security controls.Experience with security tools and technologies.Familiarity with cloud environments and security practices (AWS, Azure, GCP).Experience in automation, scripting.Expertise in data analytics or reporting tools (e.g., Power BI, Tableau, Excel).When we put unexpected teams in the same room, we unleash bold thinking with the power to inspire life-changing medicines. In-person working gives us the platform we need to connect, work at pace and challenge perceptions. That's why we work, on average, a minimum of three days per week from the office. But that doesn't mean we're not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and ambitious world.At AstraZeneca, our work has a direct impact on patients' lives by redefining our ability to develop life-changing medicines. We empower the business to perform at its peak by combining ground breaking science with leading digital technology platforms and data. Our dynamic environment offers countless opportunities to learn and grow while working on innovative projects that disrupt the industry. Here you can explore new technologies, experiment with groundbreaking solutions, and tackle challenges that have never been addressed before. With a spirit of experimentation and a commitment to high standards, we enable AstraZeneca to perform at its peak by delivering world-class technology and data solutions.Ready to make a significant impact? Apply now!Date Posted 05-May-2025Closing DateAstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.