Threat and Vulnerability Management Engineer

About the Role:

• This is a HANDS-ON engineering position for individuals with a passion for Vulnerability Management, managing related tools and supporting business.  
• The role is 70% focused on providing operations support and 30% focused on new projects, enhancements.
• Hybrid working model is available.

Education:

• A university bachelors degree in cyber security or computer Engineering is a must-have.
• One or more certifications from any of the security education-credentialing institutes like GIAC, SANS Institute is a plus.

Prior Experience:

• Minimum experience of 8 years in the field of Threats and Vulnerability management in a corporate environment
• Hands-on expertise operating, integrating Qualys platforms using the console, scripting, and automation frameworks.
• Hands-on expertise programming in Python
• Hands-on experience analysing Vulnerability data for both on-prem, cloud and cloud native environments.
• Have a sense of urgency in production issues and be a proactive speaker and listener.

Preferred:

• Hands-on experience in programming with networking stack, TCP/IP stack, compute technologies (virtualization, containerization), storage 
• Hands-on experience implementing and integrating security stacks in support of Threats & Vulnerabilities management.
• Knowledge of technical design of the security controls (especially in the Windows OS)

Day-to-Day Responsibilities:

• Manage Qualys console using various modules.
• Make sure client agent coverage is managed at a good level.
• Support business with Qualys and/or Vulnerability Management requests
• Understand the current state of the technology components in the IT stack ranging from networking, storage, compute (virtualization, containers), applications & security mgmt.
• Collaborate with team-mates and understand the threats, vulnerabilities, and risks to the enterprise.
• Establish non-production and production environments for testing and hosting the applications.
• Own the end-to-end technical design, unit testing and the maintenance of the hosting environment.
• Adhere to the Scaled Agile Framework methodologies and tools that exists in the environment.
• Participate in daily stand-up sessions of Compliance & Security release train and contribute to bi-weekly sprints.
• Learn System Engineering concepts to analyse existing environment and find more efficient ways.
• Identify ways of doing things with full automation, AI and ML which needs knowing/learning the concepts of these technologies.

Regards

Yamini