Automated Security Scanning Business Analyst

Automated Security Scanning Business Analyst

Hyderabad-India

We are currently seeking an experienced professional to join our team in the role of Consultant Specialist

In this role, you will:

• Perform scheduled and/ or on demand infrastructure vulnerability scanning, assessments, and reporting.
• Agent based scanning and deploying agents in a large environment.
• Triage and addressing of issues which arise from scanning and assessments.
• Communication of analysis and validation of scan/ assessment results to stakeholders.
• Configure, maintain, operate vulnerability management industry standard tools as well as identifying/ implementing new innovative solutions.
• Partnering with global HSBC teams and third-party service providers.

Qualifications

To be successful in this role, you should meet the following requirements:

• Security testing tools, vulnerability scanning, and exploit frameworks (e.g. Tenable (Nessus), Qualys, Cloud Native Scanning capabilities or other relevant scanning tools).
• One or more Cloud platforms and cloud vulnerability assessment approaches i.e. Ali Cloud, AWS, GCP, Azure
• Vulnerability assessment and articulating these to both technical and business stakeholders.
• Agent scanning and deploying agents in a large environment.
• Malware, emerging threats, attacks, and vulnerability management.
• Industry frameworks and best practices: CIS Critical Security Controls, Threat Modelling, OWASP, NIST 800 Series.
• Operating systems, network protocols, and application development.

• Exposure to scripting or programming languages (e.g Python, C+, or PowerShell).

• Excellent critical thinking, analytical and problem-solving skills; with exceptional written and verbal communication skills.
• Strong team player and collaborative worker.
• High level of integrity and strong ethical values.
• Resilient and self driven, capable of informing and driving change and delivering high-quality outcomes, whilst often under pressure/ at pace.

Education & Experience:

• 7+ years of experience into cybersecurity, Information security or security engineering.
• Strong DevSecOps and Software security background.
• Desirable to have one or more industry-recognised cybersecurity-related certifications including CISSP, CRISC, CISM, OSCP.
• Bachelor or master's degree in computer science, Information Technology, Cybersecurity or equivalent.