Security Analyst - Vulnerability Management

Chennai, India

Lennox International

Explore Lennox comfort and energy-efficient solutions for heating and cooling your space. Upgrade your home's HVAC system with industry-leading solutions.

Company Profile

Lennox (NYSE: LII): Driven by a 130-year legacy of HVAC and refrigeration success, Lennox provides our residential and commercial customers with industry-leading climate-control solutions. At Lennox, we win as a team, aiming for excellence and delivering innovative, sustainable products and services. Our culture guides us and creates a workplace where all employees feel heard and welcomed. Lennox is a global community that values each team member’s contributions and offers a supportive environment for career development. Come, stay, and grow with us.

Job Description

  • Vulnerability Scanning & Analysis:
    • Conduct daily operational activities in Rapid7 InsightVM, including initiating and reviewing vulnerability scans.
    • Add or remove assets from scan scopes as per infrastructure changes or business requirements.
    • Analyze vulnerability data and prioritize findings based on severity, exploitability, and business impact.
    • Detect and analyze false positives.
  • Risk Management & Remediation:
    • Collaborate with IT and business stakeholders to drive timely patching and remediation of identified vulnerabilities.
    • Track and follow up on remediation progress; escalate delays as necessary.
    • Support documentation and processing of risk acceptances, including impact assessments and stakeholder sign-offs.
  • Stakeholder Engagement:
    • Coordinate and communicate with application owners, system administrators, and other stakeholders for scan scheduling, scope adjustments, and remediation actions.
    • Provide regular reports and dashboards to management and technical teams highlighting vulnerability trends, exceptions, and compliance status.
  • Patch Management Support:
    • Work closely with patch management teams to align scan results with patch deployment cycles.
    • Validate effectiveness of applied patches and update system records accordingly.
  • Documentation & Continuous Improvement:
    • Maintain accurate records of vulnerability management activities, scan scopes, and risk acceptances.
    • Assist in improving scanning coverage, tuning scan configurations, and refining asset groups.

Qualifications

  • 3–5 years of hands-on experience in a vulnerability management or security operations role.
  • Strong working knowledge of Rapid7 InsightVM or similar vulnerability management platforms.
  • Familiarity with patch management processes and tools.
  • Experience conducting PCI DSS compliance scans, including asset scope definition, remediation tracking, and validation reporting.
  • Understanding of risk management concepts and experience handling risk acceptances.
  • Proficient in analyzing vulnerability reports, identifying root causes, and recommending mitigation strategies.
  • Sound understanding of network, operating systems (Windows/Linux), and application security fundamentals.
  • Solid grasp of compliance requirements including PCI DSS, CIS benchmarks, and vulnerability SLAs.
  • Experience with the ServiceNow Vulnerability Response module is an added advantage.
  • Strong communication and stakeholder management skills.
  • Good understanding of network and system security fundamentals.

Category: Analyst Jobs

Tags: Application security Compliance InsightVM Linux PCI DSS Risk management SLAs Vulnerabilities Vulnerability management Vulnerability scans Windows

Perks/benefits: Career development

Region: Asia/Pacific
Country: India
