Location: Kochi/Trivandrum/Bangalore
Experience: 4+ years

Expected date of onboarding: Immediate

Job purpose

Experion Technologies is looking for a SoC Vulnerability Assessment Analyst, he/she should have at least 4 years of experience in the IT Security Operation Centre (SOC), analyzing the vulnerability assessment reports, identifying the gaps in IT infrastructure from the reports and liaise with respective stakeholders to close the observations.

Job Description

  • Experience in Vulnerability Management On premise & Cloud
  • Knowledge of scanning and vulnerability analysis tools (desired experience in Nessus/ Tenable sc.)
  • Vulnerability assessment and risk modelling skills
  • Basic knowledge and experience in administrating IT components (systems, networks, or servers)
  • Understanding of ITSM processes, in particular Vulnerability Management, Correction Management, Configuration Management
  • Good understanding in reading / assessing vulnerability disclosures (CVE, CVSS)
  • Excellent verbal and written communication skills
  • Collaboration skills to coordinate with multiple teams including IT information security, IT infrastructure verticals and Application owners
  • Foster relationship with key stakeholders in the respective IT infrastructure tower

Duties and Responsibilities

  • Daily Monitoring of identified Vulnerabilities
  • Investigate and identify false and true positives
  • Analyze the severity of vulnerabilities, log the vulnerability information into a repository, alert the remediation team, and coordinate to close the listed vulnerabilities.
  • Provide recommendations to improve the effectiveness of scanning tool to reduce future false positives
  • Prepare Monthly Reports regarding the closure status of open and closed vulnerabilities related tickets
  • To adhere to ISMS policies and procedures.

Qualifications/Experience

  • Bachelor’s degree or the equivalent combination of education technical certifications and work experience Certifications: (Desirable)
  • ITIL Foundation
  • CompTIA Security+ or Microsoft Technology Associate (MTA) Security Fundamentals or CSX Cybersecurity Fundamentals Certificate or Systems Security Certified Practitioner (SSCP)

Working conditions

  • Work hours will have overlap with US CT (3pm – 12 am IST shift)