BCG VM Professional

Job Description

Manage VM tool (Tenable.io) and on-premises VA scanners. Perform regular health check to ensure scanner are up and running with latest plugins. Ensure scans scopes are updated and proper scans are performed on assets as per desired frequency. Troubleshoot and fix scanning issues like authentication failure observed in scheduled scans. Perform risk assessments on vulnerabilities identified by infrastructure scans to determine real risk and prioritizing vulnerabilities. Report findings to teams / individual owners of assets and follow up to get the remediation completed within defined SLA. Develop hardening configuration standards (CIS) document for windows and Linux operating systems and get them implemented with help of stakeholders. Ensure compliance scans are performed to validate hardening configuration as per desired frequency. Report EC2 instances and lambda functions vulnerability findings from aws inspector to individual resource owners and follow up to get the remediation completed within defined SLA. You should be good at performing vulnerability assessment and articulate the findings in an easily consumable manner to the asset owners. Hence it is expected to have good reporting skills as well. Configuration and maintenance of regular and ad-hoc vulnerability scans against internal and external IT infrastructure including Cloud Assessment, reporting and remediation tracking of identified vulnerabilities. Collaboration with Tribe/ Product owners and cross-functional stakeholders related to vulnerability management. Mandatory skills Perform vulnerability assessment and articulate the findings in an easily consumable manner to the asset owners and good reporting skills. Configuration and maintenance of regular and ad-hoc vulnerability scans against internal and external IT infrastructure including Cloud Assessment, reporting and remediation tracking of identified vulnerabilities. Collaboration with Tribe/ Product owners and cross-functional stakeholders related to vulnerability management. Desired/ Secondary skills Knowledge on scripting (e.g. PowerShell) to write automation scripts. Solid understanding of the Cloud terminology, windows platform, Active Directory, and networking protocols