Information Security Analyst

Job title: Information Security Analyst Job Responsibilities: The Vulnerability Management Lead has a role within the InfoSec team and will be responsible for owning the Vulnerability Management. This role maintains a close relationship with the CISO team and is supported by platform teams for remediation actions. Focal point of contact for Vulnerability Management and related topics- a go-to person for consultation regarding the vulnerabilities identified by the tool and guide and assist Infrastructure and Application teams to remediate the vulnerabilities identified under their application/infrastructure scope. Prepare the Vulnerability Management Plan and execute the plan through all the phases of the Vulnerability Management Lifecycle. Ensure the Vulnerability scan is scheduled, configured in the tool, and executed as per the schedule. Investigate and troubleshoot vulnerability scan failures and re-run as necessary. Conduct periodical discovery of IT Assets and ensure that identified assets are onboarded in the Vulnerability Management tool. Assess the identified vulnerabilities and study & understand the risk profile, impact as per the environmental context. Lead the discussions with the Infrastructure and Application teams, advise them on the relevance of vulnerability, and help them understand the impact. Understand the environment's technical limitations and facilitate the Risk Acceptance process. Liaise with various stakeholders to propose and maintain risk acceptance approvals for such cases. Collaborate with Infrastructure teams, Windows, Unix, Networks, Cloud, Application teams, etc., to remediate the identified vulnerabilities. Maintain the Vulnerability Dashboard for the scope and submit reports to both technical teams and Management Reporting. Organize work to achieve compliance with established KPIs for Vulnerability Management and proactively work towards achieving the same. Maintain periodic reporting on progress. Escalate, discuss, and consult as required with various stakeholders and Management promptly. Provide subject matter expertise for the Vulnerability Management service. Conduct new threat exposure scanning across the asset scope, advise the applicability, and lead remediation exercises with cross-functional teams. Degree Requirement: This position requires, at a minimum, a bachelor's degree in computer science, computer information systems, information technology or a combination of education and experience equating to the U.S. equivalent of a Bachelor's degree in one of the aforementioned subjects. Work Schedule : Full Time, 40 Hours/Week

Created: 2024-11-05