SAT (Qualys VMDR exp)

This job posting at NTT DATA is for a Vulnerability Management and Detection and Response (VMDR) position, with a focus on using Qualys as the primary vulnerability scanning solution. Key technical requirements and skills: - Extensive experience in vulnerability assessment and policy compliance using tools like Qualys - Proficiency in assessing vulnerabilities across on-premises, cloud, and containerized environments - Strong understanding of security policies, procedures, and guidelines - Expertise in analyzing vulnerability results and providing remediation recommendations Team/project information: - The role involves working as a technical subject matter expert and providing support to infrastructure and application teams - There is an expectation to maintain a vulnerability management knowledge base and continuously research security vulnerabilities and trends Notable aspects of the role: - The position requires the ability to act as a line manager in the absence of the team lead - Preference is given to candidates with experience in the banking and financial

• Perform Vulnerability assessment & Policy Compliance using leading Vulnerability Scanning solutions like Qualys etc.
• Perform Vulnerability assessments & Policy Compliance on On-prem, Cloud hosted systems, container (like Docker & Kubernetes), databases, web services and other widely deployed infrastructure components.
• Perform false positive validation and ensure delivery of quality reports.
• Act as a technical SME to analyze the vulnerability results & detection logic.
• Provide technical advice and support on remediation to infrastructure / application support teams.
• Review findings and identify root causes for common issues and provide recommendations for sustainable improvements.
• Responsible to maintain vulnerability quality assurance by building VM team technical knowledge base.
• Research and report on security vulnerabilities and latest advancements in the vulnerability management lifecycle.
• Understand security policies, procedures and guidelines to all levels of management and staff.
• Communicate effectively orally and in writing and establish cooperative working relationships.
• Provide suggestion to improve vulnerability Management service based on current trends in information technology (Network, system security software and hardware).
• Act as line manager in the absence of team lead.

Requirement:

• Minimum 6 years of experience in Information security and preferably in Banking and Financial services sector
• In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role.
• Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.
• Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM.
• Strong knowledge and subject matter expertise in multiple areas within Information Security.
• Hands on skill and expertise in performing risk / threat assessments/risk consulting.
• Excellent written, oral communication and reporting skills.
• Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems.
• Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide.
• Time management and organizational skills
• Ability and desire to learn new skills quickly
• Performs other related duties as assigned.

Originally posted on Himalayas