Role: - Vulnerability Management Lead
Location: - Dallas, TX, Day 1 Onsite with no flexibility
Rate : $70/hr 75/hr , can go higher for the right candidate (Looking for 11+ Years exp. in Cyber Security)
Mandatory Skill- Rapid 7
Job description: -
- Experience working on vulnerability assessment tools Rapid 7 Nexpose, Insight VM.
- Experience implementing and upgrading the Rapid 7 platform, agents, scanners
- Experience configuring sites, asset groups, Tags
- Experience driving vulnerability remediation and governing a team of resources
- Able to drive vulnerability process enhancements by defining, discussing with client teams
- Experience driving teams on day-to-day activities on Rapid 7 platform, monitoring, maintenance tasks and configuring and running scans.
- Should have clear understanding on vulnerabilities and what it requires to remediate
- Should be able to present vulnerability risk, remediation status on a weekly or bi-weekly basis
- Should have good knowledge of analyzing vulnerabilities, prioritization based on risk. Driving remediation or closure of the vulnerabilities with remediation teams.
- Experience working on analyzing, bucketizing and driving vulnerability remediation with the asset owners, app owners.
- Able to provide remediation solutions for the vulnerabilities based on the unique vulnerability categorization. Support teams to understand what is required to remediate vulnerabilities.
- Experience working on various associated process like asset decom, exception management, false positive suppression etc.
- Work on asset owners mapping, sorting vulnerability remediation dependencies for ones where there are multiple parties involved.
- Ensuring team is working on creating service now tickets to distribute vulnerabilities to remediation teams
- Experience in preparing KPI, Metrics, PowerPoint slides to provide status updates to client.
- Experience working on Rapid 7 reports, SQL query's to fetch reports as required.
- Able to understand, design and develop threat mitigation strategy, prioritize identified threats, managing risks associated with threats
- Provide technical expertise in providing compensating controls for exception vulnerabilities
- Good knowledge on reporting and analytical support on vulnerability remediation trend and risk
- Good understanding of analyzing process, SOP's and work towards enhancing them.
- Experience with accessing information security and Risks on a variety of platforms, including Mainframe, Oracle, Unix, Windows, Networks, Firewall and E-commerce
- Worked on CIS security controls to configure the controls in the tool template and validate control effectiveness on servers, network devices will be a plus
- Should Possess good knowledge of standards and compliance such as ISO 27001, PCIDSS
- Experience in utilizing tools to enhance reporting, vulnerability distribution and follow up.
- Should have a good communication skills & customer handling skill.
Qualification: Candidate should be graduate preferably B.E/ B. Tech/MCA.
Certification: Candidate should have done certifications like CISSP/CISA / ISO 27001 LA or other relevant product vendor certification.
Experience: Candidate should have specific experience of 8 + years working on Vulnerability Management Lifecycle and managing team and client. Overall Cyber Security experience 11+ years.
Soft Skills:
- Motivated to complete all tasks and projects, should be self-driven and responsible to achieve all tasks, deliverables as per scope
- Excellent spoken English skills
- Excellent writing skills. Must be able to create/edit technical documentation.
Thanks & Regards,
Om Keshari |
Talent Acquisition Group |
HCLTech |