Vulnerability Analyst III
- UST Global Singapore
- 3 - 5 Years
- Thiruvananthapuram / Trivandrum
- 5 years ago
- Email to a friend
- Report this job
Job Description
Role Proficiency:
Under Manager's supervision lead a small team / shift of VM analysts to detect evaluate communicate and track security vulnerabilities. Leverage the available security scanning and assessment tools preventing emerging threats.
Outcomes:
- Under Manager's supervision lead a small team / shift to perform vulnerability assessment scans using the VM tools like Qualys. Identify vulnerabilities evaluate the reports and monitor or oversee the mitigation efforts.
- Configure the scheduled scans and interpret the assessment results along with the management of the asset configuration. Assess the vulnerability of databases
- Leverage the available security scanning and assessment tools to detect evaluate and prioritize critical security flaws
- Perform asset discovery scans and configure scheduled scans on the assets. Monitor and ensure unerring scans.
- Mentor junior team members in performance of day to day operations.
- Communicate and escalate identified vulnerabilities etc. per defined process. Supervise / mentor junior members in this regard
- Adhere to defined processes including housekeeping tasks.
- Adhere to the Information Security policies as defined by the company and customer.
Measures of Outcomes:
- On-time delivery of scan reports
- Accuracy of risk assessment and prioritisation
- Customer satisfaction with service
- Quality of service (percent of major vulnerabilities missed; incorrectly classified)
- Adherence to process
Outputs Expected:
Vulnerability Scanning :
- Perform asset discovery and vulnerability scans and categorize by tagging the assets.
- Cater to the ad-hoc scan requests for the various assets in the infrastructure.
- Perform network scans on endpoints using tools like Qualys Nessus etc
- Configure and manage various asset groups asset tags and scanning profiles
- Perform the post scan verification test and maintain the checklist
Vulnerability Assessment:
- Analyse the scan results by correlating the data with a set of known vulnerabilities; providing clear concise interpretations
- Assess and prioritize risks related to vulnerabilities
- Remediate the security vulnerabilities within scope
Reporting and Communication:
- Provide timely and accurate information to senior analysts in both written and verbal communications. Ensure that reports are accurate and complete. Work with internal threat intel team to prioritize the vulnerability scan results and provide customized reports to the customers.
- Track all vulnerabilities using ticketing systems through closure. Document the remediation tasks. Coordinate with relevant teams to ensure the mitigation of vulnerabilities
- Communication and escalation per defined process
Transition:
- Work with the customer's point of contact and other stake holders to lead transition of VM assignments.
Continuous Learning
Innovation and optimization:
- Ensure completion of learning program suggested by Managers
- Suggest ideas that will help innovation and optimization of processes
- Mentor junior team members.
Skill Examples:
- Proficient in use of VM scanners / tools like Qualys Nessus etc. and their administration. Implementation of tools under supervision of lead.
- Excellent logical problem-solving ability and analytical skills to assess vulnerabilities prioritizing etc.
- Ability to adapt to new technologies and tools especially in the Vulnerability Management and Assessment space.
- Ability to work with the customer point of contact and other stake holders during the project transition phase on arranging KT sessions preparing KT documents and managing reverse KT sessions.
- Good written and verbal communication skills.
- Continually learn new technology and stay updated on vulnerabilities / cyber threats etc.
- Ability to work in rotating shifts and be on-call outside of shift hours on a regular and recurring basis.
- Possess unimpeachable personal and professional integrity. Individuals will be required to submit to a background check
Knowledge Examples:
Knowledge Examples
- 3 to 5 Years experience as VM Analyst in a global organization. Additional IT Infrastructure experience in Networks Servers and Firewall; SOC Experience.
- University Degree in Cyber Security (no back papers) / Bachelors in Engineering or Science. Training with demonstrable knowledge in the basics of Cyber Security
- In-depth knowledge of vulnerability scanning process. Sound understanding of Security Vulnerabilities Vulnerability Management Assessment Scanning
- Sound comprehension of enterprise IT Infrastructure including Networks OS Databases and Web Applications etc. Basic knowledge of TCP/IP and Network Security Protocols.
- Awareness of ISMS principles and guidelines. Relevant frameworks (e.g. ISO27001)
- Desirable Training / Certification in relevant areas like Vulnerability Management VM tools like Qualys Nessus; Ethical Hacking Network Security etc
Employement Category:
Employement Type: Full timeIndustry: Full timeFunctional Area: ITRole Category: ITRole/Responsibilies: Vulnerability Analyst IIIContact Details:
Company: UST Global SingaporeLocation(s): Thiruvananthapuram / Trivandrum+ View Contact
Fraud Alert to job seekers!
₹ Not Specified
Job Listings
We are in open beta version of website, please let us know if any issues, at: info(at)indigojobs.in