Share this Job

Manager_Vulnerability Management_Pune/Bangalore

Posting Country:  India
Date Posted:  17-Sep-2021
Full Time / Part Time:  Full Time
Contract Type:  Permanent

At Vodafone, we’re working hard to build a better future. A more connected, inclusive and sustainable world. As a dynamic global community, it's our human spirit, together with technology, that empowers us to achieve this. 

We challenge and innovate in order to connect people, businesses, and communities across the world. Delighting our customers and earning their loyalty drive us, and we experiment, learn fast and get it done, together.

With us, you can be truly be yourself and belong, share inspiration, embrace new opportunities, thrive, and make a real difference.

Description

Role Purpose:  

To operate security service for vulnerability assessment. To execute security assessments on technical devices and systems of the company to highlight risks to business. To create detailed reports and hand them over for solution. To proactively discover vulnerabilities and ensure mitigation actions are implemented in the defined time schedule. Drive implementation/on boarding of new scanners and regularly report status, produce relevant management information to key stakeholders. To manage and oversee all vulnerability management projects, push vulnerability remediation, ensure to meet all defined SLA's and KPI's for the services provided by the teams. Manage & administrate security scanners & ensure effective controls are in place to detect vulnerabilities across Vodafone infrastructure, services and applications. #_VOIS

Long Description

Must have technical / professional qualifications:  

  • Degree in Computer Science/ Information Technology/ Engineering or similar 

  • Prior experience in leading VAPT operations /engineering 

  • Prior experience in Vulnerability scanner management, Vulnerability assessment.  

  • Good knowledge in Networking and security concepts  

  • Experience of global customer handling 

  • A reputation for self-motivation, integrity, cultural sensitivity and strong interpersonal skills 

Job Responsibility

Core competencies, knowledge and experience: 

8+ years relevant experience in vulnerability scanner management & Vulnerability assessment and 

Must have skill set in using tools Qualysguard VMDR, WAS, cloud scanning management and security scanning 

Industry recognized security certifications like CEH - Ethical Hacking Certification 

Experience in few of the technologies Retina, ACUNETIX, Nessus, Open VAS - scanning tools, Penetration testing tools, Metaspolit framework, NMAP, Nagios  

Should have experience in Operating systems like Linux, Windows, web application, Virtualisation-VMWARE, network/ infrastructure security and assessments  

Knowledge on OWASP, Sandbox, Kali Linux, Burp suite, CVE, SSL PKI,2FA, IAM, Perimeter security, SIEM solutions. 

Experience in compiling VAPT reports, penetration testing test environments 

Not mandatory but good to have knowledge on penetration testing and tools 

Impact on the business

Executes security assessments to highlight and clearly articulate risk to the business. 

Leads the offshore VM team 

Participates in the scope definition of security scanning and VA scanners management  

Acts as primary technical subject matter expert for security scanning. 

Accountable for the overall scanning infrastructure, scanning execution, quality of work and deliverables. 

Proactively discovers vulnerabilities in Vodafone environments and ensure mitigation actions are implemented 

Continuously develops security assessment services and processes. 

Performs vulnerability research to identify new, previously unknown and unpublished vulnerabilities. 

Creates detailed technical reports about Vulnerability scanning and hands findings over to resolver teams; responds to technical queries related to the reports and findings. 

Tracks the work of the resolver team. Follows up remediation actions with the local IT security managers. 

Collaborate with infrastructure and application owners on security hot-fixes. 

Support the cyber incident response team in specified vulnerability discovery and identification tasks during crisis management.  

Coordinate with stakeholders to develop requirements for service enhancements  

Research about new zero day vulnerabilities, exploitation techniques and ensure scans are targeted to identify the new vulnerabilities in Vodafone environment and recommend appropriate mitigation actions are initiated 

 Documents SOP, processes and procedures. 

Manually validates vulnerabilities reported by automated vulnerability scanners. 

Integrate findings across infrastructure, to provide a holistic security posture for assets 

Skills

Security
Risk and Compliance

Vodafone is committed to attracting, developing and retaining the very best people by offering a motivating and inclusive workplace in which talent is truly recognised and rewarded. We are committed to promoting Inclusion for All with the belief that diversity plays an important role in the success of our business. We actively encourage everyone to consider becoming a part of our journey.