Job Description

Responsibilities:

As a

Lead

Cyber security Analyst with Principal Global Services,

you'll

join

Network

vulnerability management

team,

and your key roles and responsibilities should include:

Zero-Day vulns management and Attack Surface Management

Keep abreast on Cyber threat advisories for publicly disclosed vulnerabilities identified in Core IT infrastructure, vendor software/hardware products and develop the mitigation/remediation orders Hands-on experience on the Attack Surface Management tools such as Security Scorecard to maintain the company's security risk posture.

Network Vul. Management

in Cloud Environment / Assets

Candidate should have AWS cloud Practioner certification. AWS Cloud Security Specialty certification is a plus. Have a detailed understanding of the AWS cloud Compute services such as EC2's, Containers, Lambda's etc. Should be able to assess the remediation priority of the vulns reported by the enterprise vuln. management tools Must have analytical ability to analyze the vulns reported by enterprise tools and provide remediation recommendation to the stakeholders. Ability to work independently with the stakeholders for their remediation to achieve the org. compliance requirements. Hands on experience in setting up, configuring, managing, using Vulnerability Management tools (i.e. Prisma, Wiz etc.) to scan cloud workloads.

Preference for Wiz

.

Perform special security projects on an ad-hoc basis as per requirement like configuring scanning of new category of assets in AWS cloud.

Network Vul. Management on On-prem assets

Should be able to assess the remediation priority of the vulns reported by the enterprise vuln. management tools Must have analytical ability to analyze the vulns reported by enterprise tools and provide remediation recommendation to the stakeholders. Ability to work independently with the stakeholders for their remediation to achieve the org. compliance requirements. Hands on experience in setting up, configuring, managing Vulnerability Management tools (i.e. Qualys, Nessus, Nexpose, Insight VM etc.) to scan on-prem assets.

Preference for Nexpose and Insight VM

Perform special security projects on an ad-hoc basis as per requirement like Blind Spots Assessment, configuring scanning of new category of assets in on-prem network.

Other activities

of Vulnerability Management Ops

Build & maintain process documentation related to Vulnerability Management as per the business requirements. Experience in identifying and managing false positive vulnerabilities reported by the tools. Assist the stakeholders with exception processing for vulnerabilities that cannot be remediated. Hand-on Experience on using Archer tool for managing security vulnerabilities end-to-end ; from reporting to closure with remediation/ exception Knowledge of Vulnerability Scoring Systems like CVSS.

Qualifications:

Qualifications

At least 8 Years of Hands-on experience in network vulnerability management domain Hands on experience on using Kali Linux toolkit for conducting penetration testing as required. Knowledge of TCP/IP networking and packet analysis.



Additional Information:

Scripting and Automation Experience

Should have hands-on experience in scripting languages - PowerShell or python. Have an analytical ability to identify automation opportunities in the Vulnerability Management operational processes. * Develop automation to increase efficiency and productivity of the team.