Vulnerability Management Lead - Application/Network Security (7-14 yrs) Bangalore/Hyderabad/Mumbai/Pune (Others)
Pioneer Financial & Management Services Ltd.
Bangalore
8d ago
source : hirist.com
  • Extensive experience of 8+ years in Application / Network Security Assessment
  • Good at application threat modeling and Applications risk exposure
  • Experience in dynamic and static application vulnerability scanners like Rapid7 AppSpider, HP WebInspect, IBM AppScan, HP Fortify, etc.
  • Experience of using Network security assessment tools like Rapid7 Nexpose, Metasploit, Nessus, Qualys etc.
  • Experience in manual security assessment of applications and infrastructure
  • Establish Vulnerability Management framework & process including Vulnerability assessment, treatment, acceptance / exception
  • Manage VAPT and Secure Configuration Management process
  • Ensure the coverage and track new assets & applications which are going live and VA / PT, Security Configuration Assessment are conducted before going live and periodically after going live.
  • Knowledge of scripting languages like Ruby, Python etc.
  • Knowledge of web development would be preferred
  • Knowledge of deploying security scanning tools in large enterprise network
  • Strong Web application security experience with thorough understanding of web application, Mobile Application vulnerabilities
  • Good skills on operating systems and command line operations specially Unix.
  • Knowledge of database, application, and Web server design and implementation
  • Familiarity with Security Standards and groups (OWASP, OSSTM, WASC, FISMA)
  • Experience in client handling including interaction with developers for understanding the mitigations
  • Working knowledge and experience integrating Telecomm Applications with VM Technologies.
  • Experience of integration with multiple external technologies e.g. Incident Management, CMDB (Remedy, Service Desk), PAM, IDAM, SIEM, Third party applications.
  • Execution of enterprise wide Infrastructure Vulnerability Assessment, Penetration Testing program
  • Advanced understanding of networking, system of systems architecture In-depth knowledge of architecture, engineering, and operations
  • Experience of end to end vulnerability management and penetration test program.
  • Experience of vulnerability remediation work flow, ticketing lifecycle etc preferred.
  • Strong Understanding and working experience of SDLC include SIT, UAT and NFT. Execution experience of Performance testing.
  • Bachelor's degree in management information systems, computer science, or related discipline is required.
  • Defining integration approaches and creating interface documentation, Test cases for SIT, UAT and NFT.
  • Strong understating of Defense in Depth Architecture and security technology used at each layer.
  • Familiarity with security regulatory requirements and standards (such as NIST 800 series, ITU, ITIL, PCI and ISO 27001)
  • Advanced knowledge and experience with the multiple operating systems (Windows, - nix, OSX, VMware, IOS and other infrastructure device OS)
  • Technology Landscape, Education and Certification
  • Configuration Analyzer - - Algosec firewall Analyzer, Tuffin Configuration manager, IBM QRM.
  • Vulnerability Management - Qualys guard, Nessus
  • Certified Computer Forensics and Forensics Investigator ( CHFI )
  • Certified Ethical Hacker (CEH)
  • EC Council Certified Security Analyst (ECSA)
  • Step 2
    Apply
    Add to favorites
    Remove from favorites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form