Vulnerability Assessment

• Review and triage vulnerability findings from scanners, threat intelligence feeds, penetration tests, and audits.
• Correlate vulnerabilities with affected assets and assess potential business impact.

Mitigation Planning and Execution

• Work with system and application owners to prioritize and implement mitigation strategies, patches, or configuration changes.
• Track remediation progress and validate fixes via rescans or manual checks.
• • Package management (e.g., yum, apt, zypper).
  • Disabling unnecessary services and users.
  • Managing iptables, firewalld, or ufw.
  • Managing file and service permissions.
  • Implementing least privilege policies.
  • Enforcing strong authentication and account lockout policies.
  • Correlating vulnerabilities with known exploits in the wild.

Reporting and Documentation

• Maintain dashboards and manual reports detailing open, resolved, and overdue vulnerabilities.
• Prepare vulnerability metrics for executive reports and audit support

Collaboration and Stakeholder Engagement

• Act as the point of contact between InfoSec and IT Infrastructure, Cloud, DevOps, and Application teams for vulnerability-related matters.
• Escalate unaddressed vulnerabilities and risks to management and risk owners.

Knowledge to Tenable Nessus will be an added advantage.

Optional Skills-

• Scripting (Bash, PowerShell, Python): Automate remediation or reporting.
• Ansible/Chef/Puppet/Salt: Infrastructure as Code for hardening or patching.
• SIEM Integration: Correlate vulnerability findings with security logs.

Location- Noida

Yrs of Exp-3-8Yrs