Role: Vulnerability Management SME
Location: Raleigh, NC (Day-1Onsite)
Duration: Long-Term
Job Description
- Experience on vulnerability Assessment tools like Qualys, Tenable SC, Tenable IO, Tenable OT etc, Rapid 7 VMDR, etc.
- Set up and carry out Vulnerability Management Program with astute Project Management Skills
- Experienced in Configuration Assessment & Policy Compliance
- Prioritizing vulnerabilities discovered along with remediation timeline(s)
- Work with associated teams to explain vulnerabilities and remediation steps as required.
- Maintain knowledge of the threat landscape, Advisory, Intel
- Create reports and provide analysis on vulnerabilities post False Positive removal for technical teams and leadership
- Knowledge of application, network and operating system security
- Good understanding of Windows and Linux OS, UNIX, patching, hardening etc.
- Knowledge of vulnerability scoring systems (CVSS/CMSS), CIS
- Test for vulnerability by creating and testing custom scripts and applications
- Analyse scan reports and suggest remediation / mitigation plan
- Research and maintain proficiency in computer application exploitation, tools, techniques, countermeasures, and trends in computer application vulnerabilities
- Compile and track vulnerabilities and mitigation results to quantify program effectiveness
- VM - Best Practices & Training, Strategic Advisory
- Track trends and configure systems as required to reduce false positives from true events.
- Experience of ITSM, Bug tracking tools etc.
- VM Solution implementation & roll out.
- Vulnerability Triage Services & Vulnerability Tracking
- Validating of quantity and placement of scanners
- Integration, configuration, testing, deployment and release of tools as applicable
- Finetune and validate firewall rule, system level access restriction with respect to tool solution
- Advise best strategies to infrastructure team to Install & maintain agents, sensors, scanner.
- Troubleshooting of escalated issue regarding authentication rule configuration, any other issue related to tool solution
- Support root cause analysis and supporting remediation for Tool solution
- Excellent writing and presentation skills are required in order to communicate findings and status
- Cleary communicate priorities and escalation points/procedures to other team members
Educational Requirement
- Bachelor's Degree, or equivalent work experience, in Computer Science or related field preferred.
- Certified Ethical Hacker (CEH)
