Senior Consultant - Vulnerability Management

Senior Consultant - Vulnerability Management

Vulnerability Management - Manager \:

We are looking for energetic, dynamic and self-motivated individual to manage Vulnerability management service with tools and processes

The role involves management of vulnerability management lifecycle process, Stakeholder management and supporting organization to improve security compliance across people, process and technology.

 

Responsibility of this role

·       Manage vulnerability assessment tool and ensure integration of Asset inventory, creating scan profiles/templates, plan scanning, build reporting template and  establish communication to track and remediate vulnerability

·       Engage stakeholders within IT, Account governance and business function to track vulnerabilities to closure

·       Establish, manage and update vulnerability management process and create metrics to measure the effectiveness and efficiency and manage vulnerability compliance against SLA

·       Perform Annual penetration testing across the organization and ensure the non-compliance are closed within SLA

·       Report vulnerability dashboard, security scorecard to leadership team and develop plans on the area that requires improvement

·       Manage the Third-party scorecard for organization and liaise with different stakeholders to fix the non-compliance

·       Perform tool based attacks and breaches to identify the effectiveness of the security tools and engage appropriate stakeholders (Internal/External) to improve the tool efficiency and security posture.

·       Create Red team simulation scenarios on Virtusa infrastructure and application and exercise the same to identify weakness on people, process & technology and drive gaps to closure

 

Skills

·       Experience in managing vulnerability management lifecycle on medium to large organization

·       Technical knowledge in managing Vulnerability management tool ( Qualys/Nessus/Rapid 7) and penetration testing tools (Kali/Metasploit)

·       The ideal candidate should have experience managing services under ITIL framework and exposure towards service management tools

·       OSCP certification is preferred

·       Knowledge on Operating system architecture ( Windows/ Unix/ Linux)

·       Hands on various penetration testing and vulnerability management tools and techniques

·       Understanding on OWASP top 10 vulnerability

·       Scripting and programing knowledge on (PowerShell/Python/) will be added advantage