Identify, prioritize, report and communicate security vulnerabilities to the IT teams responsible for remediation
Determine vulnerability applicability and provide actionable remediation guidance to various teams
Streamline the tools and policies to trigger optimized alerts
Perform penetration testing and report to the stakeholders
Create and review the policies and procedures related to ISO and SOC compliance
Participate in external audits and provide necessary evidence to auditors
Provide governance over the vulnerability management (VM) processes, including writing and implementing VM standards, tracking vulnerabilities to closure, and implementing long-term controls to avoid the same vulnerabilities
Requirements:
More than 4 years of experience in information security roles
Excellent communication skills (both verbal and written) to translate technical issues into non-technical language
Hands-on experience with vulnerability management processes and tools (e.g., Tenable, Qualys, Nessus, SonarQube, Nmap)
Hands-on experience with SIEM tools for log management (LogRhythm, CrowdStrike, etc.)
Capable of performing penetration testing and detecting false positives
Strong understanding of industry standards and guidelines regarding vulnerability management, including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS), and Open Web Application Security Project (OWASP)