DIGITAL SECURITY SOC Services
Job Summary
Vulnerability Management Specialist - Qualys ( Cyber security -Tool)
As an vulnerability management specialist you will support the SOC team in their daily activity and administrating Operational Security Processes. You will be asked to identify improvements in current processes and formalize it through clear documentation.
Among theongoing administration of Processes your main responsibilities will be to manage the vulnerability scan process. The process is based on Qualys Tools.
Perform global infra vulnerability scanning along with change management process
Help system administrators to deploy and troubleshoot Qualys agent on different operating systems (Windows Linux AIX etc)
Analyze scan results and deploy Qualys appliances(virtual and physical) to enhance scan coverage
Responsible for understanding reviewing and interpreting assessment and scanning results reducing false positive findings and acting as a trusted security advisor to the client.
Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
Develop and report enterprise-level metrics for vulnerabilities and remediation progress
User requests administration: manage users request on the platforms. Add Hosts Assets Groups create scan report or Dashboard (using the standard and process delivered by SOC SG). Including Emergency stop of scan.
Manage Vulnerability Scan for GTS: Manage the Change management process to request a scan on GTS infrastructure. Manage the change creation the achievement of the change process following by the job creation on Qualys platform.
Present Vulnerability Assessment Scanning and guidance False Positive Validation Compliance Scanning and scan profile and policy creation.
Analysis of vulnerability: based on group standards manage the alerting on critical vulnerability found by a vulnerability scan and follow the mitigation with remediation teams
Ability to identify false positives
Knowledge of vulnerability management frameworks and concepts such as CVE and CVSS scoring systems and attacking vectors
Dashboard: generate monthly and quarterly reports and dashboards.
Understanding of Qualys tags
Manage Internal Qualys infrastructure: survey the status of Qualys appliances and manage the RMA process and deployment of new appliances.
Implement automated proactive security measures
Hands on Qualys modules Vulnerability Management Security Configuration Assessment(SCA)/Policy Compliance Container Security Cloud Agent Container Security Cloud security
Knowledge and experience on Terraform python and any scripting is required
Profile required
End to end understanding of Vulnerability management (scanning remediation follow-up false positive verification)
Conduct Network and System Vulnerability assessments and documentation of corrective/remediation actions
Drive the end-to-end vulnerability lifecycle from discovery to closure
Identify internal and external threats that could result in unauthorized disclosure misuse alteration or destruction of customers information assets
Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
Ensure timely follow up with patch management and vulnerability remediation in coordination with Countermeasures personnel
He/She has good knowledge in the Qualys Vulnerability assessment tool & Management .
He/she has to complete certification in Qualys Guard:
- Qualys VMDR
- Qualys Cloud Agent
- Qualys Policy Compliance
- Qualys CSAM
- EC-Council CEH
Responsibilities
Vulnerability Management Specialist - Qualys ( Cyber security -Tool)
As an vulnerability management specialist you will support the SOC team in their daily activity and administrating Operational Security Processes. You will be asked to identify improvements in current processes and formalize it through clear documentation.
Among theongoing administration of Processes your main responsibilities will be to manage the vulnerability scan process. The process is based on Qualys Tools.
Perform global infra vulnerability scanning along with change management process
Help system administrators to deploy and troubleshoot Qualys agent on different operating systems (Windows Linux AIX etc)
Analyze scan results and deploy Qualys appliances(virtual and physical) to enhance scan coverage
Responsible for understanding reviewing and interpreting assessment and scanning results reducing false positive findings and acting as a trusted security advisor to the client.
Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
Develop and report enterprise-level metrics for vulnerabilities and remediation progress
User requests administration: manage users request on the platforms. Add Hosts Assets Groups create scan report or Dashboard (using the standard and process delivered by SOC SG). Including Emergency stop of scan.
Manage Vulnerability Scan for GTS: Manage the Change management process to request a scan on GTS infrastructure. Manage the change creation the achievement of the change process following by the job creation on Qualys platform.
Present Vulnerability Assessment Scanning and guidance False Positive Validation Compliance Scanning and scan profile and policy creation.
Analysis of vulnerability: based on group standards manage the alerting on critical vulnerability found by a vulnerability scan and follow the mitigation with remediation teams
Ability to identify false positives
Knowledge of vulnerability management frameworks and concepts such as CVE and CVSS scoring systems and attacking vectors
Dashboard: generate monthly and quarterly reports and dashboards.
Understanding of Qualys tags
Manage Internal Qualys infrastructure: survey the status of Qualys appliances and manage the RMA process and deployment of new appliances.
Implement automated proactive security measures
Hands on Qualys modules Vulnerability Management Security Configuration Assessment(SCA)/Policy Compliance Container Security Cloud Agent Container Security Cloud security
Knowledge and experience on Terraform python and any scripting is required
Profile required
End to end understanding of Vulnerability management (scanning remediation follow-up false positive verification)
Conduct Network and System Vulnerability assessments and documentation of corrective/remediation actions
Drive the end-to-end vulnerability lifecycle from discovery to closure
Identify internal and external threats that could result in unauthorized disclosure misuse alteration or destruction of customers information assets
Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
Ensure timely follow up with patch management and vulnerability remediation in coordination with Countermeasures personnel
He/She has good knowledge in the Qualys Vulnerability assessment tool & Management .
He/she has to complete certification in Qualys Guard:
- Qualys VMDR
- Qualys Cloud Agent
- Qualys Policy Compliance
- Qualys CSAM
- EC-Council CEH
Qualifications
He/She has good knowledge in the Qualys Vulnerability assessment tool & Management .
He/she has to complete certification in Qualys Guard:
- Qualys VMDR
- Qualys Cloud Agent
- Qualys Policy Compliance
- Qualys CSAM
- EC-Council CEH
About Company
At Zensar, we’re “experience-led everything”. We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose: Together, we shape experiences for better f ... View more