This role is part of NCR's Global Information Security team. This team is responsible for developing and implementing NCR's corporate information security program. The primary goal of the program is to protect the confidentiality, integrity, and availability of information resources. Key information security functions and activities include architecture and design for NCR information security controls, developing and enforcing policies and standards, security awareness training, risk management, assessment, and testing, monitoring and metrics, incident management, and threat and vulnerability management.
Information Security Engineer IIIwill be responsible for identifying, analyzing, and mitigating vulnerabilities within our systems. This role requires a deep understanding of vulnerability management tools, particularly Rapid7, and the ability to work closely with cross-functional teams to ensure the security of our infrastructure.
Key Responsibilities
Vulnerability Assessment: Conduct regular vulnerability assessments using tools like Rapid7 to identify potential security risks.
Analysis and Reporting: Analyze vulnerability data and generate detailed reports for stakeholders, highlighting critical issues and recommended remediation steps.
Remediation and Prioritization: Prioritize and remediate security vulnerabilities
Incident Response: Collaborate with the Incident Response team to address and mitigate vulnerabilities that could be exploited during security incidents.
Patch Management: Work with IT and development teams to ensure timely application of security patches and updates.
Security Best Practices: Develop and enforce security best practices and guidelines to minimize vulnerabilities.
Training and Awareness: Provide training and awareness sessions for staff on vulnerability management and security practices.
Documentation: Maintain comprehensive documentation of vulnerability management processes, findings, and remediation efforts.
Continuous Improvement: Stay updated with the latest security trends, vulnerabilities, and threat intelligence to continuously improve the vulnerability management program.
Qualifications:
Bachelor's degree in Computer Science, Information Security, or a related field.
Minimum of 5 years of experience in vulnerability management or a related role.
Proficiency in using vulnerability management tools, particularly Rapid7.
Strong understanding of network protocols, operating systems, and security architectures.
Experience with incident response and patch management processes.
Excellent analytical and problem-solving skills.
Strong communication skills, both written and verbal.
Knowledge of relevant information security and incident response frameworks such as NIST Cyber Security Framework, MITRE ATT&CK Framework.
Ability to deal with ambiguity and translate high level objectives into detailed tasks
Ability to prioritize work with multiple, simultaneous work assignments.
* Ability and willingness to learn new tools and processes.
Beware of fraud agents! do not pay money to get a job
MNCJobsIndia.com will not be responsible for any payment made to a third-party. All Terms of Use are applicable.