Vulnerability Management Engineer

Inviting applications for the role of Consultant – Vulnerability Management Engineer

The Information Security Operations Vulnerability Analyst position required with responsibility of reviewing, recommending and assisting in the implementation of technical security program controls including standards, key processes, and best practices. This role will analyze enterprises business applications, computing, and the information security environment, make recommendations and drive the implementation of security strategies.

Roles & Responsibilities:

• Vulnerability Scanning: Conducting regular vulnerability scans using automated scanning tools to identify weaknesses in the organization's networks, systems, applications, and cloud environments.
• Vulnerability Assessment: Analyzing the results of vulnerability scans to assess the severity and potential impact of identified vulnerabilities.
• Risk Prioritization: Collaborating with cross-functional teams, such as IT operations, system administrators, and application owners, to prioritize and classify vulnerabilities based on risk levels and criticality.
• Remediation Planning: Developing and recommending remediation strategies and actions to address identified vulnerabilities. This may involve applying patches, configuration changes, or implementing compensating controls.
• Patch Management: Working with system administrators and application owners to ensure the timely application of security patches to mitigate known vulnerabilities.
• Vulnerability Reporting: Preparing comprehensive reports and documentation to communicate the status of vulnerabilities, risk posture, and progress of remediation efforts to management and relevant stakeholders.
• Vulnerability Trend Analysis: Identifying recurring vulnerability patterns and trends to understand the root causes and address systemic issues in the organization's security posture.
• Security Best Practices: Staying up-to-date with the latest security trends, industry best practices, and emerging threats to continuously improve vulnerability management processes.
• Vulnerability Coordination: Coordinating with external vendors, security researchers, or bug bounty programs when external vulnerabilities affecting the organization's assets are discovered.
• Vulnerability Management Tools: Managing and maintaining vulnerability management tools and platforms, ensuring they are properly configured and optimized for accurate and efficient scanning.
• Compliance and Auditing: Ensuring that vulnerability management practices align with industry standards, regulations, and internal security policies. Preparing for and participating in security audits and assessments.
• Security Awareness and Training: Conducting training and awareness programs for employees and stakeholders to educate them about the importance of vulnerability management and their role in the process.

Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or Certified Vulnerability Assessor (CVA).
• Proficiency in vulnerability scanning tools like Nessus, Qualys, or Rapid7 Nexpose.
• Understanding of common vulnerabilities and exposure (CVE) databases and vulnerability scoring systems (CVSS).
• Strong analytical and problem-solving skills to assess and prioritize vulnerabilities effectively.

Preferred qualifications

• Knowledge of network and system architecture, as well as common security technologies and protocols.
• Familiarity with security standards and frameworks (e.g., ISO 27001, NIST Cybersecurity Framework).
• Excellent communication and interpersonal skills to collaborate with diverse teams and stakeholders.
• Attention to detail and ability to work in a fast-paced environment with tight deadlines.

Genpact is an Equal Opportunity Employer and considers applicants for all positions without regard to race, color, religion or belief, sex, age, national origin, citizenship status, marital status, military/veteran status, genetic information, sexual orientation, gender identity, physical or mental disability or any other characteristic protected by applicable laws. Genpact is committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation. For more information, visitwww.genpact.com. Follow us on Twitter, Facebook, LinkedIn, and YouTube.

Best Regards,

Vaishnavi Nandakumar

[***]