EXPERT ENGINEER role in the Vulnerability Management team.
Job Responsibilities:
- Perform vulnerability scanning service for customers for network and applications
- Perform analysis of vulnerabilities and validate false positives
- Develop metrics and dashboards based on the vulnerability scanning outputs
- Manage vulnerability management program for customers
- Execute Policy Compliance Scans projects using Nessus Professional tool
- Gain in-depth knowledge and understanding of different platforms (i.e. Windows, Linux, Unix, Mac OS, Cisco, Juniper, etc.)
- Involve in understanding customer environment, vulnerability identification and control analysis
- Perform likelihood determination, impact analysis and risk determination.
- Provide risk prioritization including recommendation and documentation of solutions
- Identify and infer the business risk posed by the weaknesses identified during the assessments
- Demonstrate strong communication (verbal and written) with internal and customer stakeholders
- Engage with both business and technical personnel within and outside the organization from a project scope definition, project execution, project closure perspectives
- Stay current with emerging technologies and industry trends and conduct knowledge sharing sessions to rest of the team members
- Build knowledge on different risk assessment methodologies, frameworks and compliance standards such as CIS, PCI DSS, NIST, HIPAA, etc.
Skills required: 3+ years of Vulnerability Management Experience
- Experience with Vulnerability Scanning service using various scanners such as Qualys, Tenable, Rapid7, etc.
- Experience with performing Policy Compliance Scans
- Expertise in analyzing and validating vulnerabilities
- Knowledge of various platforms such as Windows, Linux, Unix, Mac OS, Cisco, Juniper, etc.
- Experience with standards such as CIS, NIST, etc.
- Ability to handle difficult situations and to provide alternative solutions or workarounds
- Flexible and creative in helping to find acceptable solutions
- Good communication and writing skills with ability to talk to both business and technical personnel
#Eviden