SAT(Klo Job No 89)

Job description:

Processes

· Perform Vulnerability assessment & Policy Compliance using leading Vulnerability Scanning solutions like Qualys etc.

· Perform Vulnerability assessments & Policy Compliance on On-prem, Cloud hosted systems, container (like Docker & Kubernetes), databases, web services and other widely deployed infrastructure components.

· Perform false positive validation and ensure delivery of quality reports.

· Act as a technical SME to analyse the vulnerability results & detection logic.

· Provide technical advice and support on remediation to infrastructure / application support teams.

· Review findings and identify root causes for common issues and provide recommendations for sustainable improvements.

· Responsible to maintain vulnerability quality assurance by building VM team technical knowledge base.

· Research and report on security vulnerabilities and latest advancements in the vulnerability management lifecycle.

· Understand security policies, procedures and guidelines to all levels of management and staff.

· Communicate effectively orally and in writing and establish cooperative working relationships.

· Provide suggestion to improve vulnerability Management service based on current trends in information technology (Network, system security software and hardware).

· Act as line manager in the absence of team lead.

People and Talent

· Minimum 6 years of experience in Information security and preferably in Banking and Financial services sector

· In-depth working experience on Cloud technologies, routers, switches, firewalls, load balancers and proxy will be added advantage for the role.

· Bachelor Degree in Engineering, Computer Science/Information Technology or its equivalent.

· Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM.

· Strong knowledge and subject matter expertise in multiple areas within Information Security.

· Hands on skill and expertise in performing risk / threat assessments/risk consulting.

· Excellent written, oral communication and reporting skills.

· Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems.

· Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide.

· Time management and organizational skills

· Ability and desire to learn new skills quickly

· Performs other related duties as assigned.