Job Description

Job Title: Senior Specialist Skills: Vulnerability Management + Qualys +MS Defender Location : Mumbai / Pune / Bangalore / Hyderabad / Chennai / Delhi / Indore / Nagpur / Bhubaneshwar / Jaipur / Kolkata Exp: 08 - 12yrs : Having Basic knowledge Vulnerabilities, system weakness, patching process vulnerability mitigation process. Review the application design, architecture, business flow, implementation and identify security testing scope and recommendations. Execute penetration test validating against Industry standard test check list and document every results. Identify the security issues, weakness and suggest counter measures for remediation and security improvements. Prepare security assessment report leveraging the customized template with POCs. Adept at selecting and utilizing appropriate technologies to solve complex problems effectively. Keep up to date with evolving cyber threats and identify any new and sophisticated methods of detecting vulnerabilities Knowledge & Skills : Beginner + Knowledge Operating systems, Basic Network knowledge, Vulnerabilities management processes, analysis of vulnerabilities, exception/False positive analysis, Vendor Advisory handling. VA tool administration/basic configuration level knowledge (menus/option, running scans, asset group, profiles/templates, Qualys Agent workflow, deployment, solution level troubleshooting etc.,) and its modules, VM process Knowledge of Microsoft excel commands/function/ pivots etc. for reporting. integrations process (Qualys/SNOW/ automation tool in place. etc.) Attending internal/client calls Intermediate + Good Network knowledge (function of routers, Gateways security tools, Firewall etc., troubleshoot reported vulnerabilities, help remediation teams with additional inputs, review and publish vendor Advisories, vendor management (interacting with vendor/TAMs etc., ) Team handling (cross skill team, conduct internal trainings. Vulnerabilities, Vendor Advisory analysis and publish reports. End-to-End VA tool administration, understand integrations ( Ticketing tools), manage and finetune advance configuration (design report templates etc., solution design knowledge, advance level troubleshooting etc.,) and knowledge of additional modules and deployment. Knowledge of security process/SLAs, solutions/status reporting) Handling client/LTIM security team/CISO levels (Interacting with client, handling calls, prepare, review and present VM status/risk level posture,), handling internal remediation calls. Work on VM enhancements, review additional modules, 3rd party solution and recommend as needed for Client environment. prepare the documents/SOPs etc. Highly customer focused and motivated with willingness to take ownership/responsibility for their work and ability to work both independently and in a team-oriented environment. Exceptional behaviors and interpersonal skills. Effective oral and written communication Able to perform Triaging, Vulnerability Management & handling internal teams, management, and client security teams and Vendors calls handling Team management. Education Background : 6-10+ years of hands-on experience in Security/PEN Testing practices. Hands-on experience in application penetration testing (Web, API, Mobile, Thick Client) without or with tools such as but not limited to...Kali Linux, Burp Suite, Nmap, ZAP, Metasploit, Nessus, etc. Good Knowledge and experience on OWASP Top 10 Methodologies, SANS Top 25 and how to effectively remediate vulnerabilities associated with each. Industry Certifications : CEH, VM tool solution level certifications, other security solution

foundit