Information Security Team Lead

Position Summary:

Security operations team is responsible for ensuring that the Confidentiality, Integrity, and availability of the organization is not impacted. This position requires the ability to manage end to end vulnerability management processes, collaborate with cross functional teams, and lead the co-ordination of penetration testing activities. The SME will act a key advisor, ensuring compliance with security standards and providing actionable insights to mitigate risk effectively.

Job Functions and Responsibilities:

• Conduct vulnerability assessments of infrastructure, including servers, networks, endpoints, and cloud environments, using tools like

  Qualys

  .
• Prioritize vulnerabilities based on risk, business impact, and exploitability, aligning remediation efforts with organizational goals.
• Develop action plans and collaborate with teams to remediate vulnerabilities effectively.
• Front-end

  third-party penetration testing engagements

  , including defining scope, coordinating activities, and reviewing deliverables.
• Ensure secure configurations and implement hardening guidelines across the IT environment.
• Support blue and red teaming exercises to enhance the organization's defense mechanisms.
• Developing policies, standards and procedures around Vulnerability Management and External Assessments.
• Lead the incident response activities to contain, eradicate, and recover from cybersecurity incidents.
• Utilize expertise in incident recovery to ensure a swift and efficient restoration of affected systems and services.

Qualifications:

• 8 10 years of progressive experience in vulnerability management, with exposure to penetration testing and IT infrastructure security.
• Tools: Advanced knowledge of Qualys, Nessus, and other vulnerability management platforms.
• Strong collaboration and communication skills to interface with internal teams and third parties effectively.
• Analytical mindset for identifying vulnerabilities, assessing risks, and prioritizing remediation.
• Ability to simplify technical risks for non-technical stakeholders.
• Any experience Pen Testing with certifications such as OSCP, CEH, GPEN, or similar will have added advantage.
• Ability to work independently and collaboratively in a fast-paced environment.

WORK SCHEDULE OR TRAVEL REQUIREMENTS

2 PM to 11 PM / 5 PM to 2 AM. No travel.