Airtel - IT Security Analyst - VAPT (5-10 yrs)
- Should have experience in Vulnerability Assessment and Penetration testing across Infra and Applications
- Hand-on experience with VA/ PT tools like Tenable etc.
- Perform asset and network discovery activities; infrastructure vulnerability testing, helping to ensure full coverage of the Epsilon environment
- Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
- Vulnerability Analysis Creation. Produce vulnerability reports providing a highly timely; accurate; and actionable assessment of new vulnerabilities as they are discovered.
- Recommend security patches and any other measures; produce operations reports
- Support vulnerability scanning activities, interprets the results, and validates potential exposures; Collate security incident and event data to produce monthly exception and management reports
- Keep the Vulnerability Management Program in compliance with security policy and with published SLAs
- Leverage CMDB inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress
- Monitor security vulnerability information from vendors, and third parties
- Assist in maintaining technical support documentation.
- Collaborate with Information Technology and Business Departments to implement or coordinate remediation required by audits, and document exceptions as necessary Skills/ Experience expected
- Ability to demonstrate knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
- Experience in deploying, operating, and maintaining vulnerability scanning infrastructure and services
- Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP)
- Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises
- 3 to 5 years of experience Security Operations experience
- Ability to read, write and modify scripts for automation of vulnerability management tasks using Python, PowerShell, Ruby on Rails, and/ or Bash
- Good knowledge of packet filtering, stateful packet inspection and the differences between them
- Good knowledge of fundamental networking/distributed computing environment concepts; routing, switching, VLANs, VPNS, NIS, NFS.
- Intermediate to advanced understanding of packet capture and analysis using snoop, tcpdump and Ethereal or similar tools.
- Experience with host security (e.g., passwords, uids/gids, SIDs, file permissions, ACLs, filesystem integrity, use of security packages, IPTables).
- Familiarity with incident response techniques, intrusion prevention systems, information security methodologies, authentication protocols and different IT Security threat mechanisms.
- Knowledge of IT Security Standards (ISMS / ISO 27001, PCI-DSS etc.)
This job opening was posted long time back. It may not be active. Nor was it removed by the recruiter. Please use your discretion.