Job Description

:
Role Proficiency:
Oversee and support the continuous improvement of the vulnerability management program initiatives process technology integration and technical assessment. Enhance technology and/or process to validate inventory of critical infrastructure and applications are in place.
Outcomes: * Identification of vulnerabilities in the organization's network and IT infrastructure.

• Evaluation of risk associated with the vulnerabilities.
• Vulnerabilities prioritization based on their severity and impact.
• Responsible for the quality of deliverables of the team.
• Perform gap analysis of current vulnerability remediation policies and processes versus industry best practices for a healthcare organization to identify opportunities for improvement.
• Track and ensure remediation of identified vulnerabilities.

Measures of Outcomes: * Mean time to remediation

• Risk score
• Average vulnerability age
• Rate of recurrence
• Total risk remediated/ coverage
• Average time to action
• Average Vulnerability Age
• Internal Vs External Exposure
• Rate Of Recurrence
• Total Risk Remediated

Outputs Expected:
Vulnerability Management: * Provide reporting and analysis and follow-up.

• Provide vulnerability analysis and produce reports for management.
• Own and manage identified threats & vulnerabilities to ensure their complete remediation.
• Configure

schedule
and execute vulnerability scans
Continuous Learning
innovation
and optimization: * Ensure completion of the learning program suggested by Managers

• Suggest ideas that will help innovation and optimization of processes
• Stay on top of the security research community

to be up to date on current attacks
campaigns
and trends to initiate innovative research activities. * Perform gap analysis of current vulnerability remediation policies
and processes versus industry best practices for a healthcare organization to identify opportunities for improvement. * Track and ensure remediation of identified vulnerabilities by weekly reports.
Skill Examples: * Understanding of attacker behaviors and techniques is required.

• Threat modeling
• Proficiency in Vulnerability management tools such as Spotlight Rapid7 Nessus Tenable or Qualys.
• Strong communication skill
• Ability to learn and view vulnerabilities with a risk-based lens are required.
• Strong analytical skills and efficient problem solving
• Security hardening techniques and hardening standards patching
• Ability to design and document security operational procedures

Knowledge Examples:
Knowledge Examples * Familiarity with basic security concepts in vulnerability management network security systems administration or other areas of technology is required.

• A strong understanding of the current threat landscape including the latest tactics tools and procedures common malware variants and effective techniques for detecting this malicious activity.
• Exploit development.
• Security certifications such as CEH GPEN GSEC CISSP.
• Bachelor's degree in Computer Science Information Technology Cyber Security or related discipline.

Additional Comments:
Mandatory Skills: Qualys, Vulnerability Management, Operating Systems, Operations Improvement, ITIL Process Skill to Evaluate: Vulnerability Management, Operating Systems, Operation Team, Operations Improvement, Coordination, ITIL Process Experience:8 to 13 Years Location:Bengaluru : Threat and Vulnerability Management Engineer About the Role: This is a HANDS-ON engineering position for individuals with a passion for Vulnerability Management, managing related tools and supporting business. The role is 70% focused on providing operations support and 30% focused on new projects, enhancements. Hybrid working model is available. Education:A university bachelor's degree in cyber security or computer Engineering is a must-have. One or more certifications from any of the security education-credentialing institutes like GIAC, SANS Institute is a plus. Recruiting Team: The recruiting team works on various security domains like Endpoint Security, Threats & Vulnerabilities management, Inventory management, Data Analytics, Cloud Security. Prior Experience: Must-Haves: Minimum experience of 8 years in the field of Threats and Vulnerability management in a corporate environment Hands-on expertise operating, integrating Qualys platforms using the console, scripting, and automation frameworks. Hands-on expertise programming in Python Hands-on experience analysing Vulnerability data for both on-prem, cloud and cloud native environments. Have a sense of urgency in production issues and be a proactive speaker and listener. Preferred: Hands-on experience in programming with networking stack, TCP/IP stack, compute technologies (virtualization, containerization), storage Hands-on experience implementing and integrating security stacks in support of Threats & Vulnerabilities management. Knowledge of technical design of the security controls (especially in the Windows OS) Day-to-Day Responsibilities: Manage Qualys console using various modules. Make sure client agent coverage is managed at a good level. Support business with Qualys and/or Vulnerability Management requests Understand the current state of the technology components in the IT stack ranging from networking, storage, compute (virtualization, containers), applications & security mgmt. Collaborate with team-mates and understand the threats, vulnerabilities, and risks to the enterprise. Establish non-production and production environments for testing and hosting the applications. Own the end-to-end technical design, unit testing and the maintenance of the hosting environment. Adhere to the Scaled Agile Framework methodologies and tools that exists in the environment. Participate in daily stand-up sessions of Compliance & Security release train and contribute to bi-weekly sprints. Learn System Engineering concepts to analyse existing environment and find more efficient ways. Identify ways of doing things with full automation, AI and ML which needs knowing/learning the concepts of these technologies. Success Factors: Maintain regular communication with supervisor and continually update needs & priorities to the supervisor. Critical analytical, problem-solving skills is essential. Be able to clearly communicate the message via oral communication and written communication. Possess an assertive communication style. But maintain a positive relationship with all team members and stakeholders. Strong focus on continuous learning and improvement Education Qualificaiton: Bachelor's Degree
Skills:
Qualys,Vulnerability Management,Operating systems,Operations improvement, ITIL Process
About Company:
UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world's best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future-proof philosophy, UST embeds innovation and agility into their clients' organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact--touching billions of lives in the process.