INFRASTRUCTURE VULNERABILITY MANAGER

Pranay Kumar Mar 1, 2021 671 0

INFRASTRUCTURE VULNERABILITY MANAGER

url to apply- https://www.naukri.com/job-listings-infrastructure-vulnerability-manager-blue-yonder-india-private-limited-bangalore-bengaluru-10-to-15-years-270221904889?src=sortby&sid=16145891723176260_1&xp=11&px=1

from 10 to 15 year(s) of Experience

Bengaluru

Not Disclosed by Recruiter

Posted: 2 days agoJob Applicants: 14Job Views: 14

Job Description

Blue Yonder Title:

Infrastructure Vulnerability Manager (Vulnerability/ Information Security/Cyber Security)

Other Comparable titles:

Infrastructure Security Manager, Manager – Infrastructure Vulnerability, Sr. Manager – Vulnerability & threat Management.

Overview:

Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work”.
Seeking an astute individual that has a strong technical foundation with the additional ability to be hands-on with the broader engineering team as part of the development/deployment cycle, and deep knowledge of industry best practices, with the ability to implement them working with both the platform, and the product teams.

Scope:

Infrastructure Vulnerability Manager who would be responsible for scanning the entire infrastructure of the organization and mitigating the risk.
Interact with internal technology functions to ensure they are made aware and stay updated on Secure Architecture and controls.
Will be directly responsible for vulnerability management and threat management of Blue Yonder infrastructure and information assets.

Our current technical environment:

Software: Java, Springboot, Gradle, GIT, Hibernate, Rest API, OAuth
Application Architecture: Scalable, Resilient, event driven, secure multi-tenant Microservices architecture
Cloud Architecture: MS Azure (ARM templates, AKS, HD insight, Application gateway, Virtue Networks, Event Hub, Azure AD)
Frameworks/Others: Kubernetes, Kafka, Elasticsearch, Spark, NOSQL, RDBMS, Springboot, Gradle GIT, Ignite

What you’ll do:

Perform vulnerability scans and report findings for On-prem and Cloud network.
Publish the vulnerability status reports to senior management and track remediation.
Define and participate in implementation of On-prem and Cloud architecture and security controls.
Proactive identification of threats and risk remediation.
Plan and implement security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
Participate in and assist with incident response team, as appropriate.
Generate metrics for the Management as needed.
Prepare system security reports by collecting, analyzing, and summarizing data and trends.

What we are looking for:

10+ years of experience in information security or Vulnerability Management
Minimum 6 years of proven experience in Information security or Vulnerability Management or Penetration testing; a Master’s degree can be substituted for experience.
Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials.
Bachelor’s degree in information security or Information Technology or Computer Science or related fields
Deep and diverse experience architecting and implementing network security designs.
Expert in network security, system security and endpoint security.
Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.
Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
Proven experience with products dealing with vulnerability management services which include Nessus, Retina, Qualys, Nexpose, etc.
Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).
Excellent customer service including strong written and oral communication skills.
Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
Certifications such as CISM, CEH, CISSP or equivalent.
Results focused and attention to detail.