Consultant - Vulnerability Remediation Service Job

YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.

 

At YASH, we’re a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth – bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future.

 

We are looking forward to hire Vulnerability Remediation Service Professionals in the following areas :

 

3 to 5 Yrs Experience in Infra and Cloud Security JD for L2 Resource for VMS :  Performing scans to identify vulnerabilities or confirm compliance to security standards Provides recommendations on improving the security posture of the client’s enterprise Maintain knowledge of in-the-wild vulnerability exploitation techniques, assess risk to enterprise and prioritize remediation Configure and run automated vulnerability scanning tools, prioritize remediation, and track exceptions Assessment of threats and vulnerabilities based on enterprise vulnerability management framework Assignment of remediation tasks to the affected groups and tracking of remediation through closure Management of vulnerability lifecycle including ensuring timelines, lifecycle phase management, and recording evidence as needed Interface with groups across the organization to drive remediation of identified vulnerabilities Central tracking and management of enterprise vulnerabilities Enhance proactive remediation of vulnerabilities identified by various sources Review and analyse vulnerability scan data, determine action items and ensure remediation Help standardize processes and procedures and provide improvement Execute processes and tasks under continuous vulnerability monitoring initiative Produce metrics to demonstrate process effectiveness and remediation across the enterprise Develop long term server integrity strategies and solutions Communicate compliance issues to IT managers in an effective and appropriate manner Abilities to create and implement processes that can scale Good understanding of technology concepts Familiarity with good security practices and implementation of these concepts in various scenarios Ability to assimilate technical and voluminous data and translate into layman terms Ability to craft presentations (PPT, PowerBI, Excel etc) and updates for senior management Ability to work well under pressure and juggle multiple priorities     Skill Matrix L2   Technical Proficiency: Understanding of common vulnerabilities and exposures (CVEs). Familiarity with vulnerability assessment tools such as Nessus, Qualys, OpenVAS, etc. Ability to interpret scan results and prioritize vulnerabilities based on risk. Knowledge of different types of vulnerabilities (e.g., SQL injection, XSS, CSRF) and their implications. Competence in vulnerability remediation techniques and best practices.   Platform Knowledge: Scanning Tool - Qualys VMDR, AppOmni, Cloud Optix, MS-Defender for Cloud etc Proficiency in operating system security (Windows, Linux, Unix, etc.). Understanding of network security concepts and protocols (TCP/IP, firewalls, VPNs, etc.). Familiarity with cloud platforms (AWS, Azure, Google Cloud) and associated security controls. Risk Assessment and Management:   Capability to assess the severity and potential impact of vulnerabilities. Understanding of risk assessment methodologies (e.g., CVSS scoring) and frameworks (e.g., NIST Cybersecurity Framework). Ability to communicate effectively with stakeholders regarding risk exposure and mitigation strategies.   Incident Response: Awareness of incident response procedures related to vulnerability exploitation. Familiarity with security incident handling and escalation processes. Capacity to collaborate with incident response teams to address vulnerabilities in a timely manner.   Documentation and Reporting: Proficiency in documenting vulnerability assessment findings, remediation efforts, and residual risks. Capability to generate clear and concise reports for various stakeholders, including technical and non-technical audiences. Ability to track and maintain records of vulnerabilities and their status over time.   Continuous Learning and Improvement: Eagerness to stay updated on emerging threats, vulnerabilities, and industry best practices. Willingness to pursue relevant certifications (e.g., CompTIA Security+, CEH) and participate in training programs. Capacity to adapt and evolve in response to changing technology landscapes and security requirements.

 

 

At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.

 

Our Hyperlearning workplace is grounded upon four principles

• Flexible work arrangements, Free spirit, and emotional positivity
• Agile self-determination, trust, transparency, and open collaboration
• All Support needed for the realization of business goals,
• Stable employment with a great atmosphere and ethical corporate culture