Description

Job Description:

Who are we looking for? Looking for VA remediation candidates with minimum of total 7+ years of experience in conducting vulnerability assessment and remediation against windows as part of a team. Should be able to serve as a trusted advisor in helping customers with relevant decisions based on the findings of the reports and dashboards. 

Roles and Responsibilities

  • Work as part of the team for vulnerability remediation in an enterprise environment. 
  • To perform detailed analysis and troubleshooting of VA report received and identifying vulnerabilities from tools (Qualys) 
  • Coordinate with architects, business and application owners, value steam to plan and remediate vulnerabilities.
  • Interact and closely work with Information Security teams and Application support teams to identify and implement vulnerability remediation.
  • Coordinate with 3rd line support team, external suppliers, etc. for planning and scheduling remediation.
  • Create daily weekly and monthly reports for relevant stakeholders. 
  • Ability to recommend and implement Windows Hardening on workstations and servers.
  • Own the Windows Patching either internal SCCM or WSUS for Business.

Skills: 

  • Must have 7+ years of experience in VA remediation.
  • Expert in Windows Server and client Operating System (Win Server 2016, Win Server 2019, Windows 10, 11 )
  • Experience in Linux operating systems (preferred)
  • Expert in VMware technologies
  • Expert in using centralized patch management solution such as SCCM, WSUS, Patch My PC etc. 
  • Good experience in Active Directory and Group Policies and other Windows-specific technologies
  • Familiarity with vulnerability management processes, tools, and frameworks, such as CVE, CVSS, and Common Vulnerability Scoring System (CVSS).
  • Experience in remediating Webserver, office application, snmp, db, nfs, proxy, FTP, dns and bind,Java, VMware ,Linux etc related vulnerabilities.
  • Proficiency in vulnerability scanning tools such as Qualys.
  • Familiarity with firewalls, proxies, SIEM, antivirus, and IDPS concepts.
  • Experience in Certificate management
  • Knowledge of network protocols, network analysis tools, and network security methodologies.
  • Good understanding of common vulnerabilities and exploits, and the ability to explain these risks to business and IT stakeholders.
  • Good behavioral skills and ability to co-ordinate with stake holders to prepare and drive remediation schedule.
  • Experience in MS excel, PowerPoint, MS Word with good written & verbal and presentation skills
  • Understanding on Security Exception management process
  • Good knowledge in using ITIL tools such as ServiceNow, BMC Remedy and experience in ITIL processes.
  • ITIL Foundation Certified is desirable.
  • Excellent verbal and written communication skills (English) and experience in working in multi-cultural environment.
  • Familiarity with security standards and frameworks such as NIST, CIS, and ISO 27001.

Qualifications: 

  • Bachelor's degree or higher from an accredited college/university and 7+ Years of relevant work experience
  • AZ 500 and MS 500 Certification will be added advantage.
  • Relevant certifications such as Microsoft Certified: Azure Administrator Associate, Microsoft Certified: Windows Server, or Certified Ethical Hacker (CEH) are desirable.


 

Education

Bachelor's degree