Security Architect

Job Description

Vulnerability Management (Tenable) Overview : Candidate is responsible for identifying, analyzing, and prioritizing vulnerabilities in an organization system, applications and ensuring appropriate measures are taken to remediate them. Candidate will work closely with all required IT Teams to ensure that identifies vulnerabilities are addressed in a timely and effective manner. Responsibilities: • Conduct Regular Vulnerability assessments using tools such as Tenable. • Hands-on experience on Tenable is a must. • Analyze and prioritize the identified vulnerabilities based on risk assessment, severity, and exploitability. • Work with IT Teams to develop and implement remediation plans. • Monitor the progress of remediation efforts and provide regular updates to stakeholders. • Participate in Incident response and investigations related to vulnerabilities. • Stay up to date with latest threats and vulnerabilities and adjust the Vulnerability management accordingly. • Ensure compliance with applicable regulatory requirements • Create reports and metrics to track the progress of the Vulnerabilities. • Be a champion for vulnerability management and information security including broadening awareness and use of the teams services, education of security best practices, and integration with other business areas. • Support teammates regarding vulnerability assessment, communication/rapport with other divisions and various levels of leadership, technical expertise, and career development. • Experience in integrating Tenable with Servicenow and automating Vulnerability Management process. Requirements : • Bachelor’s Degree in computer science or related field. • At least 10 years of experience in vulnerability management • Familiarity with Vulnerability scan and assessment techniques. • Good understanding of VPR, ACR, CVSS scores, Exploitation, Impact. • Should be familiar with Analysis. • Excellent Analytical and Problem-solving skills. • Strong communication skills Verbal and Written. • Ability to work independently. • Familiarity with security frameworks like NIST, ISO27001 and regulatory compliance like SOX. • Experience in Defender Vulnerability Management will be added advantage. • Knowledge of Scripting languages like PowerShell, or python will be advantage. • Experience with risk assessments and prioritization methodologies.