Configuration Management Engineer

What's this role about?

Job Title: Lead Vulnerability Management Engineer

Reporting To: Manager, Threat & Vulnerability Management (Pune)

Location: Pune

 

Summary:

The Lead Vulnerability Management Engineer is responsible for managing the identification, assessment, reporting, and mitigation of infrastructure and cloud vulnerabilities. This role requires strong collaboration with internal stakeholders to ensure identified risks are appropriately addressed promptly. Should have a mindset of a defender and be able to operate in a fast-paced environment working closely with our infrastructure team that includes Network, Firewall, Hypervisors, Servers, and business application teams.

 

Key Responsibilities:

• Serve as a Lead role that requires frequent interaction with IT and Information Security Managers, Engineers and developers.
• Provide vulnerability remediation governance and operational support.
• Perform Vulnerability Metrics Reporting for Ad-hoc and scheduled metrics report for various KPIs (Key Performance Indicators) around vulnerability management activities.
• Mature and automate repeatable processes to inventory, asses, prioritize, and manage critical vulnerabilities and risks within the enterprise.
• Develop quantitative risk and threat models to drive vulnerability reporting and remediation prioritization.
• Drive and track remediation initiatives across multiple support teams.
• Mentor less-experienced team members.

 

EXPERIENCE AND EDUCATIONAL REQUIREMENTS:

• Bachelor’s degree in Computer Science, Cybersecurity or other related field, or equivalent work experience.
• Proficient in various vulnerability assessment tools such as Qualys, Armis, Microsoft Defender for Endpoint/Cloud.
• Ability to analyze vulnerability metrics using Microsoft Excel advanced techniques.
• Typically requires 7-9 years of combined IT and security work experience with a broad range of exposure to cybersecurity, systems analysis, application development and/or systems administration and 3+ years of vulnerability management experience.
• Requires Security Certification(s) (i.e., Certified Information Systems Security Professional (CISSP), or Certified Information Security Manage (CISM), Certificate of Cloud Security Knowledge (CCSK), Offensive Security Certified Professional (OSCP) or other equivalent recognized security certifications.
• Good understanding of industry standard regulations and risk management frameworks and standards (e.g., ISO, PCI, NIST, COBIT, GAPP, HIPAA, GDPR).
• Familiarity with SANS Top 25 controls, OWASP Top 10 and/or MITRE ATT&CK framework
• Experience with cloud computing environments such as AWS, Azure or Google Cloud.
• Excellent communication skills: able to explain complex concepts clearly to both technical and non-technical stakeholders.

 

Skills Desired:

• Knowledge of cloud architectures, services, and vulnerabilities.
• Understanding of risk assessment methodologies.
• Proficiency in using vulnerability scanning tools such as Qualys, Armis, MS Defender, etc.
• Ability to interpret vulnerability data from multiple sources.
• Reporting and metrics expertise with platforms such as ServiceNow (SecOps), PowerBI, etc.
   

Here's how you'll contribute:           You'll do this by:
         Core Skills:
         Desired Skills:
  How we’d like you to lead:
  Advantage Zensar We are a technology consulting and services company with 11, 800+ associates in 33 global locations. More than 130 leading enterprises depend on our expertise to be more disruptive, agile and competitive. We focus on conceptualizing, designing, engineering, marketing, and managing digital products and experiences for high-growth companies looking to disrupt through innovation and velocity.
  Zensar Technologies is an Equal Employment Opportunity (EEO) and Affirmative Action Employer, encouraging diversity in the workplace. Please be assured that we will consider all qualified applicants fairly, regardless of race, creed, color, ancestry, religion, sex, national origin, citizen status, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veterans’ status.
  Zensar is a place where you are free to express yourself in an environment that values individuality, nurtures development and is mindful of wellbeing. We put our people and customers at the center of everything that we do. Our core values include: 
 

• Putting people first
• Client-centricity
• Collaboration

Grow. Own. Achieve. Learn. with Zensar: www.youtube.com/watch?v=i2NZsiQqVnU