Job Description:
Who are we looking for? Looking for VA remediation candidates with minimum of total 7+ years of experience in conducting vulnerability assessment and remediation against windows as part of a team. Should be able to serve as a trusted advisor in helping customers with relevant decisions based on the findings of the reports and dashboards.
Roles and Responsibilities
- Work as part of the team for vulnerability remediation in an enterprise environment.
- To perform detailed analysis and troubleshooting of VA report received and identifying vulnerabilities from tools (Qualys)
- Coordinate with architects, business and application owners, value steam to plan and remediate vulnerabilities.
- Interact and closely work with Information Security teams and Application support teams to identify and implement vulnerability remediation.
- Coordinate with 3rd line support team, external suppliers, etc. for planning and scheduling remediation.
- Create daily weekly and monthly reports for relevant stakeholders.
- Ability to recommend and implement Windows Hardening on workstations and servers.
- Own the Windows Patching either internal SCCM or WSUS for Business.
Skills:
- Must have 7+ years of experience in VA remediation.
- Expert in Windows Server and client Operating System (Win Server 2016, Win Server 2019, Windows 10, 11 )
- Experience in Linux operating systems (preferred)
- Expert in VMware technologies
- Expert in using centralized patch management solution such as SCCM, WSUS, Patch My PC etc.
- Good experience in Active Directory and Group Policies and other Windows-specific technologies
- Familiarity with vulnerability management processes, tools, and frameworks, such as CVE, CVSS, and Common Vulnerability Scoring System (CVSS).
- Experience in remediating Webserver, office application, snmp, db, nfs, proxy, FTP, dns and bind,Java, VMware ,Linux etc related vulnerabilities.
- Proficiency in vulnerability scanning tools such as Qualys.
- Familiarity with firewalls, proxies, SIEM, antivirus, and IDPS concepts.
- Experience in Certificate management
- Knowledge of network protocols, network analysis tools, and network security methodologies.
- Good understanding of common vulnerabilities and exploits, and the ability to explain these risks to business and IT stakeholders.
- Good behavioral skills and ability to co-ordinate with stake holders to prepare and drive remediation schedule.
- Experience in MS excel, PowerPoint, MS Word with good written & verbal and presentation skills
- Understanding on Security Exception management process
- Good knowledge in using ITIL tools such as ServiceNow, BMC Remedy and experience in ITIL processes.
- ITIL Foundation Certified is desirable.
- Excellent verbal and written communication skills (English) and experience in working in multi-cultural environment.
- Familiarity with security standards and frameworks such as NIST, CIS, and ISO 27001.
Qualifications:
- Bachelor's degree or higher from an accredited college/university and 7+ Years of relevant work experience
- AZ 500 and MS 500 Certification will be added advantage.
- Relevant certifications such as Microsoft Certified: Azure Administrator Associate, Microsoft Certified: Windows Server, or Certified Ethical Hacker (CEH) are desirable.