12 Rapid7 Jobs

Hi, Greetings from CES LTD: Website Link : https://www.cesltd.com SMART IT Solutions | Scalable, Secure, and Future-Ready | CES Ltd CES delivers SMART-driven solutions. Support enterprise growth, modernize IT infrastructure, automate workflows, reinforce cybersecurity, and transform business efficiency www.cesltd.com Headquarted AT : Chicago ( Illinois ) Certified AS : CMMI Level 5 Organisation Job Summary: We are looking for a skilled and proactive Cybersecurity Analyst with 4 to 6 years of experience to join our clients cybersecurity team. The ideal candidate will be responsible for identifying, analyzing, and remediating vulnerabilities across the environment using Rapid7 and related tools. A strong understanding of security principles, patch management, and vulnerability remediation is essential. Key Responsibilities: • Monitor and assess vulnerabilities across systems, networks, and applications using Rapid7 InsightVM and InsightIDR. • Analyse vulnerability scan results, prioritize risks based on criticality and asset value, and drive remediation activities. • Work closely with system and network teams to track and validate vulnerability fixes. • Develop and maintain vulnerability management reports and dashboards. • Ensure timely remediation of critical and high-severity vulnerabilities. • Assist in patch management planning and execution in coordination with IT support teams. • Document and escalate security incidents and vulnerabilities in line with incident response procedures. • Stay up-to-date with the latest cybersecurity threats, trends, and best practices. • Participate in security audits and compliance checks as required. Required Skills & Qualifications: • Bachelors degree or B.Tech in Computer Science, Information Security, or a related field. • 3 to 5 years of hands-on experience in cybersecurity or information security roles. • Proven experience with Rapid7 tools (InsightVM, InsightIDR, Nexpose). • Strong understanding of vulnerability management lifecycle and CVSS scoring. • Knowledge of patch management tools and procedures. • Familiarity with common operating systems (Windows/Linux), networks, and cloud platforms. • Experience in coordinating with cross-functional IT teams. • Strong analytical and problem-solving skills. • Excellent communication and documentation abilities. Preferred Qualifications (Nice to Have): • Relevant certifications such as CompTIA Security+, CEH, CISSP, or Rapid7 certifications. • Experience with ticketing systems (e.g., ServiceNow, Jira). • Exposure to compliance standards (e.g., ISO 27001, NIST, PCI-DSS). Regards, Kanchana CES LTD!

What you will do In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organizations IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organizations security posture through structured vulnerability management processes. Roles & Responsibilities: Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7. Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality. Collaborate with IT and security teams to track remediation status and escalate high-risk findings. Monitor public threat intelligence sources to understand the context of vulnerabilities. Contribute to the development of dashboards and reports for tracking vulnerabilities and trends. Assist in documenting vulnerability management processes and remediation workflows. Support compliance and audit requests by providing vulnerability data as needed. Learn and follow policies related to patch management and secure configurations. What we expect of you We are all different, yet we all use our unique contributions to serve patients. Basic Qualifications: Bachelors degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools Must-Have Skills: Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7) Understanding of basic CVSS scoring and vulnerability classification Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment Foundational knowledge of networking and common IT systems Willingness to learn and grow in the field of vulnerability management Preferred Qualifications: Good-to-Have Skills: Exposure to KEV, EPSS, or similar threat-based scoring frameworks Basic experience with scripting languages (e.g., Python, PowerShell) Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender) Familiarity with compliance standards such as NIST, ISO, or PCI-DSS CompTIA Security+ (preferred) Tenable Certified Nessus Auditor (Preferred) Qualys Vulnerability Management Specialist (Preferred) Soft Skills: Analytical Thinking Comfortable working with data and identifying patterns Attention to Detail Careful review and tracking of vulnerabilities Communication Skills Able to clearly document and explain findings Collaboration & Teamwork Works well with cross-functional teams Curiosity & Continuous Learning Strong interest in cybersecurity and professional growth Problem-Solving Mindset Seeks practical solutions to real-world security issues

The Vulnerability Manager position is responsible for managing the identification of vulnerabilities in EagleView's on-premise and cloud environment and working with systems owners to remediate findings. The Vulnerability Manager will convert raw vulnerability reports to actionable and prioritized information to enable engineers to focus on mitigating the highest levels of risk. As an additional duty, this role will also perform asset management for enterprise assets, combining asset discovery with vulnerability scanning to ensure comprehensive coverage of all assets. This position will serve as a critical member of the Cyber Security Team and will enable EagleView to achieve compliance with on-going assessment programs and reduce risk to company systems and services. Primary Responsibilities: Define and operate a formal Vulnerability Management Program and framework that defines the vulnerability priorities aligned with business criticality Establish an agile approach for vulnerability management capability improvements Provide risk-based mitigation and remediation recommendations and guidance Responsible for researching and analyzing vulnerabilities, identifying relevant threats, and providing risk-based mitigation and remediation recommendations Develop and optimize tools and services to provide comprehensive visibility, situational awareness, and response readiness Support the implementation of vulnerability management projects Refine scan results to identify and resolve any false positive findings, and produce vulnerability reports with actionable and prioritized information for system owners Track and report status of vulnerability remediation Assist in the development of baseline security configurations for operating systems, applications, and networking equipment Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology partners and support teams Develop baseline asset inventories using endpoint management applications (on-premise assets) and custom databases (cloud assets) Identify and maintain owners for systems in the asset inventory Skills/Requirements Required Knowledge, Skills and Experience: Bachelor's degree in a technology or business-related field (BSc or BBA preferred) 5 years of experience in Vulnerability Management Advanced understanding of operating system and application security, administration, and debugging Advanced understanding of technical information security concepts related to threat landscapes Experience with vulnerability scanners, vulnerability management systems, patch management, and host-based security systems (Rapid7 preferred) Experience working with asset management systems and databases Demonstrable conceptual, analytical and innovative problem-solving and evaluative skills Ability to conduct independent research and analysis, identifying issues, formulating options, and making conclusions and recommendations Demonstrated ability to recognize, interpret, and communicate vulnerability management information Working knowledge of business and risk assessment methodologies/ mitigation strategies using industry standards (e.g., COBIT, ITIL, ISO 27001:2013, NIST, OWASP, etc.) Very high attention to detail, with strong skills in managing/presenting data and information Strong skills in documentation, including policies, standards, processes and procedures Preferred Knowledge, Skills and Experience: Certification such as SANS GIAC, CISA, or CISSP preferred SQL database query language, and scripting experience in Python or other commonly used languages

Role: AWS DevOps Architect Lead Exp.: 15+ years Job Description: Overall, 15+ years of experience with 5 years of hands-on experience in deployment automation using IaC, Configuration management, Orchestration, Containerization, and running a complete CI/CD pipeline on both cloud and on-prem. Thorough understanding and hands-on skills in the below Infrastructure as Code: Terraform, AWS CloudFormation, Puppet. Source control: GitLab, GitHub. CI/CD: Jenkins, GitLab CICD. Containerization/Orchestration: Kubernetes, AWS ECS, AWS EKS, Docker. CDN: Akamai, AWS CloudFront. Monitoring: AWS Cloud watch, New Relic. Security: AWS Code Guru, Guard Duty, Security Hub, Snyk, Veracode, Rapid7. Programming/Scripting: Python, Shell scripting Good understanding of networking, security rules, firewalls, WAF, API gateways, and auto-scaling principles. Hands on experience using AWS (VPC, Subnets, ALB/NLB, RDS, ECS, SQS, Cognito, Lambda, Memcached ) is required. Understanding of Programming concepts and best practices is required. Experience dealing with production incidents in multi-tier application environment is required. Experience managing production workloads with Site Reliability Engineering best practices. Good understanding of various deployment strategies (Rolling updates, Blue/Green, Canary) Strong exposure on DevSecOps testing methods SAST, DAST, SCA is preferred.

About Position: We are seeking a highly experienced and motivated Practitioner to spearhead our Security Assurance offerings that includes Vulnerability Management, Penetration Testing & Red Teaming Activities. In this role, you will be responsible for defining the strategic direction of the practice, driving growth, and ensuring the delivery of high-quality security services to our clients. Role: VAPT Application Security Practitioner Location: Pune Experience: 8 - 12 Years Job Type: Full Time Employment What You'll Do: Practice Leadership: Define and execute the overall strategy for the Vulnerability Management practice. Identify and develop new service offerings to meet evolving client needs. Establish and maintain strong relationships with key technology partners. Stay abreast of industry trends and emerging security threats. Solution Development & Delivery: Lead the development of comprehensive Vulnerability Management, Application Security, Penetration Testing and Red Teaming solutions tailored to client requirements. Oversee the implementation and management of security services, including Vulnerability Management, Application Security, Penetration Testing and Red Teaming solutions and security awareness training. Familiarity with compliance & security standards across the enterprise IT landscape. Knowledge of compliances (PCI DSS, SOX etc.) and IS standards (ISO 27001, BS25999, ISO 2700X, OWASP, CIS, etc). Develop and maintain comprehensive service documentation and operational procedures. RFP Response & Pre-Sales: Lead the technical response to RFPs and RFIs, crafting compelling solutions that address client security challenges. Collaborate with sales teams to develop winning proposals and presentations. Provide expert security guidance during client meetings and presentations. Client Relationship Management: Build and maintain strong relationships with clients. Conduct regular service reviews and provide proactive security recommendations. Act as a trusted advisor to clients on security matters. Expertise You'll Bring: 8+ years of experience in information security, with a focus on Red Teaming & Vulnerability Management services. Deep understanding of security technologies and methodologies that includes but not limited to Nessus, Qualys, Checkmarx, Burpsuite and Security Awareness. Experience in managing and delivering security services to enterprise clients. Proven ability to lead and mentor technical teams. Excellent communication, presentation, and interpersonal skills. Strong analytical and problem-solving abilities. Bachelors degree in computer science or a related field. Relevant industry certifications (CEH, OSCP) are highly desirable. Benefits: Competitive salary and benefits package Culture focused on talent development with quarterly promotion cycles and company-sponsored higher education and certifications Opportunity to work with cutting-edge technologies Employee engagement initiatives such as project parties, flexible work hours, and Long Service awards Annual health check-ups Insurance coverage: group term life, personal accident, and Mediclaim hospitalization for self, spouse, two children, and parents Inclusive Environment: Persistent Ltd. is dedicated to fostering diversity and inclusion in the workplace. We invite applications from all qualified individuals, including those with disabilities, and regardless of gender or gender preference. We welcome diverse candidates from all backgrounds. We offer hybrid work options and flexible working hours to accommodate various needs and preferences. Our office is equipped with accessible facilities, including adjustable workstations, ergonomic chairs, and assistive technologies to support employees with physical disabilities. If you are a person with disabilities and have specific requirements, please inform us during the application process or at any time during your employment. We are committed to creating an inclusive environment where all employees can thrive. Our company fosters a values-driven and people-centric work environment that enables our employees to: Accelerate growth, both professionally and personally Impact the world in powerful, positive ways, using the latest technologies Enjoy collaborative innovation, with diversity and work-life wellbeing at the core Unlock global opportunities to work and learn with the industry's best Let's unleash your full potential at Persistent "Persistent is an Equal Opportunity Employer and prohibits discrimination and harassment of any kind."

Key Responsibilities: Conduct thorough assessments of server infrastructure to identify vulnerabilities and security weaknesses. Develop and implement a comprehensive vulnerability remediation plan in collaboration with IT security teams, application teams, and server infrastructure teams. Prioritize vulnerabilities based on risk assessment and business impact, and establish timelines for remediation efforts. Monitor and report on remediation progress, metrics, and results to stakeholders. Document all findings, remediation steps taken, and recommendations for future improvements. Qualifications: Bachelors degree in Computer Science, Information Technology, Cybersecurity, or a related field. Minimum [3] years of experience in IT security, system administration, or a related role. Proven experience leading vulnerability remediation projects in enterprise environments. Strong knowledge of server operating systems (e.g., Linux, Windows Server) and security best practices. Familiarity with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7) and patch management solutions. Excellent problem-solving skills and attention to detail. Strong communication and interpersonal skills, with the ability to collaborate effectively with various teams. Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

We are hiring a dedicated L1 System Engineer to provide IT security, network support, and advanced troubleshooting for our Mumbai office . The ideal candidate should have strong problem-solving skills, experience with cybersecurity tools, and expertise in IT support & documentation. Key Responsibilities: Advanced IT Support & Troubleshooting (Tier 2/3 Level) Network & Security Administration (Firewall, Access Control, Threat Prevention) Cybersecurity & Compliance (Vulnerability Management, Endpoint Security, Risk Mitigation) Backup & Disaster Recovery (Data Integrity, System Restoration, Risk Handling) SOP Development & IT Documentation (Standardizing IT Workflows & Guidelines) Mentorship & Knowledge Transfer (Training Junior IT Engineers) Technical Skills Required: Hands-on Experience with IT Security & Support Tools ConnectWise, Sophos, Rapid7, Freshdesk, OneNet System Administration & Network Troubleshooting Windows/Linux Servers, Firewalls, VPNs, Load Balancers Vulnerability Assessment & Cybersecurity Implementation Security Patching, Compliance Standards, SIEM Solutions Backup & Disaster Recovery Planning Creating & Testing DR Strategies

The Vulnerability Management Analyst will be part of ZS IT Information Security team in Pune. As a Vulnerability Management Analyst, you will be responsible for security vulnerability and threat analysis, planning, prioritizing, and remediating discovered vulnerabilities. To help achieve these goals, you will be responsible for collaboration with multiple teams across ZS to coordinate and enforce mitigation efforts. In addition, you will be expected to stay up to date on technology and security trends and make recommendations to enhance the security posture of ZS infrastructure and applications. What you'll do: Review internal and external vulnerability scans, pen test results, threat intelligence, red team findings, and additional vulnerability inputs, prioritize remediation of discovered vulnerabilities, and coordinate mitigation efforts across all teams and systems Collaborate with the team members and help operationalize defined vulnerability management processes Coordinate with respective teams to ensure timely update and configuration of software and operating systems with the latest patches and security settings to ensure the proper defenses are present Contribute to defining, reviewing, and enacting security policies and practices Stay apprised of the threat landscape, vulnerabilities, and industry best practices and make recommendations to improve ZSs security posture Review and create SOPs & technical documents/runbooks to support team processes and ISMS requirements Work closely with other information security teams to ensure operational efficiency and stay apprised of overall ZS security posture and capabilities What you'll bring: Bachelors degree in information security, Information Technology, or related field 1-3 years of experience in Threat and Vulnerability Management or equivalent knowledge Strong knowledge in industry standard VAPT tools like Tenable (Nessus), Rapid7, Qualys, Wiz and open-source tools Demonstratable expertise and experience with security related incidents is desirable Understanding and experience on working with cloud security services (AWS, Azure, GCP; others a plus) Must be a team player, dedicated, and proactive Must possess good communication, problem-solving, critical thinking, and organizational skills Must have good presentation skills Ability to clearly present technical approaches or findings in oral and written format Ability to present ideas in business-friendly and user-friendly language Highly self-motivated and directed Candidate should be flexible to work in late shifts to converse with leadership teams in US as needed

Vulnerability Management (Rapid7) Overview : Candidate is responsible for identifying, analyzing, and prioritizing vulnerabilities in an organization system, applications and ensuring appropriate measures are taken to remediate them. Candidate will work closely with all required IT Teams to ensure that identifies vulnerabilities are addressed in a timely and effective manner. Responsibilities : • Conduct Regular Vulnerability assessments using tools such as Rapid 7, Qualys. • Hands on experience on Rapid7 is a must. • Analyze and prioritize the identified vulnerabilities based on risk assessment, severity, and exploitability. • Work with IT Teams to develop and implement remediation plans. • Monitor the progress of remediation efforts and provide regular updates to stakeholders. • Participate in Incident response and investigations related to vulnerabilities. • Stay up to date with latest threats and vulnerabilities and adjust the Vulnerability management accordingly. • Ensure compliance with applicable regulatory requirements. • Create reports and metrics to track the progress of the Vulnerabilities. • Be a champion for vulnerability management and information security including broadening awareness and use of the teams services, education of security best practices, and integration with other business areas. • Support teammates regarding vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development. Requirements : • Bachelors Degree in computer science or related field. • At least 7-9 years of experience in vulnerability management • Familiarity with Vulnerability scan and assessment techniques. • Good understanding on CVSS scores • Excellent Analytical and Problem-solving skills • Strong communication skills Verbal and Written. • Ability to work independently. • Familiarity with security frameworks like NIST, ISO27001 and regulatory compliance like SOX. • Experience in Azure cloud. • Knowledge on Scripting languages like PowerShell or python will be advantage. • Experience with risk assessments and prioritization methodologies. Responsibilities: • Architectural Design: Develop and maintain security architecture frameworks incorporating Tenable solutions to address organizational risk, compliance, and security objectives. • Solution Integration: Design and oversee the integration of Tenable products (e.g., Tenable.io, Tenable.sc, Tenable.ot) into existing security infrastructures. • Strategic Planning: Collaborate with senior leadership to define security requirements and develop long-term security strategies. • Risk Management: Assess and mitigate risks related to vulnerabilities and threats using Tenable's tools. • Policy and Standards: Establish and enforce security policies and best practices for Tenable product implementation. • Technical Leadership: Provide technical guidance and support on the effective use of Tenable solutions. • Optimization and Innovation: Continuously evaluate and enhance security architectures and Tenable deployments. • Documentation and Reporting: Maintain comprehensive documentation of security architectures and generate reports on security posture. • Training and Awareness: Lead training sessions to enhance understanding of Tenable products and security architecture principles.

Role: AWS DevOps Lead Exp.: 8+ years Job Description: Overall, 8+ years of experience with 5 years of hands-on experience in deployment automation using IaC, Configuration management, Orchestration, Containerization, and running a complete CI/CD pipeline on both cloud and on-prem. Thorough understanding and hands-on skills in the below Infrastructure as Code: Terraform, AWS CloudFormation, Puppet. Source control: GitLab, GitHub. CI/CD: Jenkins, GitLab CICD. Containerization/Orchestration: Kubernetes, AWS ECS, AWS EKS, Docker. CDN: Akamai, AWS CloudFront. Monitoring: AWS Cloud watch, New Relic. Security: AWS Code Guru, Guard Duty, Security Hub, Snyk, Veracode, Rapid7. Programming/Scripting: Python, Shell scripting Good understanding of networking, security rules, firewalls, WAF, API gateways, and auto-scaling principles. Hands on experience using AWS (VPC, Subnets, ALB/NLB, RDS, ECS, SQS, Cognito, Lambda, Memcached ) is required. Understanding of Programming concepts and best practices is required. Experience dealing with production incidents in multi-tier application environment is required. Experience managing production workloads with Site Reliability Engineering best practices. Good understanding of various deployment strategies (Rolling updates, Blue/Green, Canary) Strong exposure on DevSecOps testing methods SAST, DAST, SCA is preferred.

Job Summary: UKG is seeking a talented Vulnerability Management Researcher to join our Product Security team chartered to identify, assess, and drive remediation of security vulnerabilities within our systems and infrastructure. This role requires a proactive individual with a deep understanding of security best practices, risk management, and vulnerability assessment tools. Our team works closely with cross-functional teams, including IT, development, and security operations, to ensure the timely identification and mitigation of vulnerabilities that could potentially impact the organization's security posture. This is a rare opportunity for the right Vulnerability Management Researcher to join UKGs award winning team. You will be working alongside some of the best in the business. If you are qualified and want to join our top-rated team, apply online today. Primary/Essential Duties and Key Responsibilities: Analyze vulnerabilities and prioritize them based on risk, exposure, and potential impact. Research emerging vulnerabilities, zero-day threats, and security advisories to evaluate their relevance and risk to UKG. Collaborate with IT, Cloud and Development teams to ensure identified vulnerabilities are remediated according to the SLA. Track remediation efforts and provide technical support to teams for patching and configuration changes. Evaluate the risk and develop compensating controls for vulnerabilities that cannot be patched immediately. Generate detailed reports and dashboards to track the status of vulnerability management activities and trends over time. Engage in the support and improvement of KPIs to monitor the effectiveness of the vulnerability management program. Recommend and implement improvements to the vulnerability management program and processes, including automation and tool enhancements. Basic Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience). 5+ years of experience in vulnerability management, security operations, or a related cybersecurity role. Hands-on experience with vulnerability management tools (e.g., Rapid7, Wiz, Checkmarx, Black Duck). Experience with cloud environments (AWS, Azure, GCP). Deep knowledge of security vulnerabilities, CVSS scoring, reachability, EPSS. Preferred Qualifications: Knowledge of static code security analysis and container security. Understanding of software development lifecycle processes and CI/CD pipeline security. Proficiency in scripting languages (e.g., Python, Bash, Powershell).

Vulnerability Management: - Daily assessment of vulnerabilities identified by infrastructure scan Evaluate rate and perform risk assessments on assets Prioritizing vulnerabilities discovered along with remediation timeline s Work with associated teams to explain vulnerabilities and remediation steps as required Maintain knowledge of the threat landscape Create reports and provide analysis on vulnerabilities for technical teams and leadership Skill Required Knowledge of application network and operating system security Experience with vulnerability and patch assessment Linux and windows experience Good understanding of Windows and Linux patching Knowledge of vulnerability scoring systems CVSS CMSS Experience on vulnerability scanning tools Excellent writing and presentation skills are required in order to communicate findings and status Cleary communicate priorities and escalation points procedures to other team members Detail oriented organized methodical follow up skills with an analytical thought process Experience performing dynamic scans static scans and penetration testing Development experience Project management experience Innovative and efficiency focused Track trends and configure systems as required to reduce false positives from true events Primary Skills: - Qualys Rapid7 Tenable Nessus