Processes*
- Develop hardening standards and translate them into a tool-recognized format. [Example: should have regex writing skills and be able to implement them in the Policy Compliance module in Qualys]
- Knowledge of identifying true and false positives against the hardening standards.
- Perform Vulnerability assessment & Policy Compliance using leading Vulnerability Scanning solutions like Qualys, Nessus etc.
- Experience in Cloud Agent, VMDR
- Perform false positive validation and ensure delivery of quality reports.
- Act as a technical SME to analyse configuration compliance and the underlying mechanism used to identify compliance results.
- Provide technical advice and support on remediation to infrastructure / application support teams.
- Review findings and identify root causes for common issues and provide recommendations for sustainable improvements.
- Understand security policies, procedures and guidelines to all levels of management and staff.
- Communicate effectively orally and in writing and establish cooperative working relationships.
- Provide suggestions to improve the vulnerability management service based on current trends in information technology (network, system security software and hardware).
- Act as line manager in the absence of team lead.
People & Talent*
- Minimum 4-6 years of experience in information security, preferably in the banking and financial services sector.
- In-depth working experience with operating systems and network devices such as routers, switches, firewalls, load balancers and proxies will be an added advantage for the role.
- Bachelor's degree in Engineering, Computer Science/Information Technology or its equivalent.
- Industry certifications will be a plus e.g. CISSP, CCNA Security, CCIE, CCNP Security, CISA, CRISC and CISM.
- Strong knowledge and subject matter expertise in multiple areas within Information Security.
- Hands-on skills and expertise in performing risk/threat assessments/risk consulting.
- Excellent written, oral communication and reporting skills.
- Provides technical leadership, expertise and direction working with district and college technical staff for design and implementation of information technology security systems.
- Develops strategy for propagating, maintaining, and measuring compliance against security policies, standards, and guidelines district-wide.
- Time management and organizational skills
- Ability and desire to learn new skills quickly
- Performs other related duties as assigned.
Role Specific Technical Skills and Competencies and Proficiency Levels*
| Technical Competency Name | Proficiency Levels |
|---|---|
| Knowledge in industry hardening standards on operating systems, network devices | Advanced |
| Qualys, RAPID7, Tanium COMPLY, Nessus | Expert |
| Strong Linux Shell experience and solid knowledge of programming languages is needed, Python etc. | Core |
| ITIL Concepts | Core |
| Knowledge on latest vulnerabilities & threats | Expert |
| Hands on skill and expertise in performing risk / threat assessments/risk consulting | Core |