Sr Information Security Analyst

Airtel Wireless

Noida, India

Fresher

Save

Posted 9 hours ago
Over 50 applicants

Job Description

Should have experience in Vulnerability Assessment and Penetration testing across Infra and Applications
Hand-on experience with VA/ PT tools like Tenable etc.
Perform asset and network discovery activities; infrastructure vulnerability testing, helping to ensure full coverage of the Epsilon environment
Prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
Vulnerability Analysis Creation. Produce vulnerability reports providing a highly timely; accurate; and actionable assessment of new vulnerabilities as they are discovered.
Recommend security patches and any other measures; produce operations reports
Support vulnerability scanning activities, interprets the results, and validates potential exposures; Collate security incident and event data to produce monthly exception and management reports
Keep the Vulnerability Management Program in compliance with security policy and with published SLAs
Leverage CMDB inventory and patch management systems to provide reporting and governance for vulnerability impact and remediation progress
Monitor security vulnerability information from vendors, and third parties
Assist in maintaining technical support documentation.
Collaborate with Information Technology and Business Departments to implement or coordinate remediation required by audits, and document exceptions as necessary Skills/ Experience expected
Ability to demonstrate knowledge with prioritizing remediation activities with operational teams through risk ratings of vulnerabilities and assets
Experience in deploying, operating, and maintaining vulnerability scanning infrastructure and services
Strong knowledge industry standards regarding vulnerability management including Common Vulnerabilities and Exposures (CVE), Common Vulnerability Scoring System (CVSS) and Open Web Application Security Project (OWASP)
Perform initial analysis, identification, remediation, and documentation of network intrusions and computer system compromises