Vulnerability Management Lead - Application/Network Security (7-14 Yrs) Bangalore/Hyderabad/Mumbai/Pune (Others) by Pioneer Financial & Management Services Ltd.

XpatJobs (November-2017 से पंजीकृत) ने 8 दिन पहले इस नौकरी को पोस्ट किया था

- Extensive experience of 8 years in Application / Network Security Assessment - Good at application threat modeling and Applications risk exposure - Experience in dynamic and static application vulnerability scanners like Rapid7 AppSpider, HP WebInspect, IBM AppScan, HP Fortify, etc.
-Experience of using Network security assessment tools like Rapid7 Nexpose, Metasploit, Nessus, Qualys etc.
-Experience in manual security assessment of applications and infrastructure - Establish Vulnerability Management framework process including Vulnerability assessment, treatment, acceptance/exception - Manage VAPT and Secure Configuration Management process - Ensure the coverage and track new assets applications which are going live and VA/PT, Security Configuration Assessment are conducted before going live and periodically after going live.
-Knowledge of scripting languages like Ruby, Python etc.
-Knowledge of web development would be preferred - Knowledge of deploying security scanning tools in large enterprise network - Strong Web application security experience with thorough understanding of web application, Mobile Application vulnerabilities - Good skills on operating systems and command line operations specially Unix.
-Knowledge of database, application, and Web server design and implementation - Familiarity with Security Standards and groups (OWASP, OSSTM, WASC, FISMA) - Experience in client handling including interaction with developers for understanding the mitigations - Working knowledge and experience integrating Telecomm Applications with VM Technologies.
-Experience of integration with multiple external technologies e.g. Incident Management, CMDB (Remedy, Service Desk), PAM, IDAM, SIEM, Third party applications.
-Execution of enterprise wide Infrastructure Vulnerability Assessment, Penetration Testing program - Advanced understanding of networking, system of systems architecture In-depth knowledge of architecture, engineering, and operations - Experience of end to end vulnerability management and penetration test program.
-Experience of vulnerability remediation work flow, ticketing lifecycle etc preferred.
-Strong Understanding and working experience of SDLC include SIT, UAT and NFT. Execution experience of Performance testing.
-Bachelors degree in management information systems, computer science, or related discipline is required.
-Defining integration approaches and creating interface documentation, Test cases for SIT, UAT and NFT.
-Strong understating of Defense in Depth Architecture and security technology used at each layer.
-Familiarity with security regulatory requirements and standards (such as NIST 800 series, ITU, ITIL, PCI and ISO 27001) - Advanced knowledge and experience with the multiple operating systems (Windows, - nix, OSX, VMware, IOS and other infrastructure device OS) - Technology Landscape, Education and Certification - Configuration Analyzer - - Algosec firewall Analyzer, Tuffin Configuration manager, IBM QRM.
-Vulnerability Management - Qualys guard, Nessus - Certified Computer Forensics and Forensics Investigator ( CHFI ) - Certified Ethical Hacker (CEH) - EC Council Certified Security Analyst (ECSA)

Required Skills : English