Vulnerability Assessment

Are you interested in automating the build and deployment process of the application with ensuring the application security If yes, then Payatu is the place for you. We are always in search of passionate people to expand our renowned Bandit family at Payatu. In the quest for Bandits, here is an excellent opportunity we would like to share with you.

Who we are

Payatu is an ISO certified company where we strive to create a culture of excellence, growth and innovation that empowers our employees to reach new heights in their careers. We are young and passionate folks driven by the power of the latest and innovative technologies in IoT, AI/ML, Blockchain, and many other advanced technologies. We are on the mission of making Cyberworld safe for every organization, product, and individual.

Roles and responsibilities:

Manage VM tool (Tenable.io) and on-premises VA scanners. Perform regular health check to ensure scanner are up and running with latest plugins.

Ensure scans scopes are updated and proper scans are performed on assets as per desired frequency. Troubleshoot and fix scanning issues like authentication failure observed in scheduled scans.

Perform risk assessments on vulnerabilities identified by infrastructure scans to determine real risk and prioritizing vulnerabilities.

Report findings to teams / individual owners of assets and follow up to get the remediation completed within defined SLA.

Develop hardening configuration standards (CIS) document for windows and Linux operating systems and get them implemented with help of stakeholders. Ensure compliance scans are performed to validate hardening configuration as per desired frequency.

Report EC2 instances and lambda functions vulnerability findings from aws inspector to individual resource owners and follow up to get the remediation completed within defined SLA.

You Are Good At :

You should be good at performing vulnerability assessment and articulate the findings in an easily consumable manner to the asset owners. Hence it is expected to have good reporting skills as well.

Configuration and maintenance of regular and ad-hoc vulnerability scans against internal and external IT infrastructure including Cloud

Assessment, reporting and remediation tracking of identified vulnerabilities.

Collaboration with Tribe/ Product owners and cross-functional stakeholders related to vulnerability management. Experience and Qualifications

Should have experience in Vulnerability management of Infrastructure & Cloud assets (Servers/ Network devices/ Containers/ Endpoints etc)

Exposure to Vulnerability Scanning tools such as Tenable/Qualys/Rapid. Thorough knowledge of the CVSS risk rating

Knowledge on scripting (e.g. PowerShell) to write automation scripts.

Solid understanding of the Cloud terminology, windows platform, Active Directory, and networking protocols

Sound knowledge of ITIL standards. Working experience of ITSM tool such as ServiceNow.

Experience of working in a virtual team within a globally distributed company with numerous cultures