Experience: 8 to 15 years
Immediate joiners only
Key Responsibilities
1. Vulnerability Management & Scanning
- Manage Qualys agent deployment and lifecycle in collaboration with the IT Asset Management (ITAM) team
- Conduct and govern scheduled vulnerability scans:
  - Weekly internal scans
  - Monthly external scans
- Ensure scan coverage, accuracy, and alignment with organizational policies
2. Remediation Governance & Execution
- Drive wave-based remediation pipeline, including:
  - Planning and prioritization
  - Validation in test environments
  - Defined acceptance criteria before production rollout
- Lead criticality-based remediation strategy:
  - Prioritize Critical → High → Medium vulnerabilities
- Conduct post-remediation validation through Qualys re-scanning
3. Risk & Exception Management
- Manage exceptions and compensating controls with proper documentation and approvals
- Coordinate risk acceptance processes with stakeholders and security leadership
- Ensure audit readiness and compliance with internal and regulatory standards
4. Patch & Compliance Monitoring
- Track and enforce patch compliance across systems
- Publish monthly security posture and compliance reports to the CISO office
- Identify trends, gaps, and improvement areas in patching and vulnerability closure
5. System Hardening & Security Improvements
- Drive hardening initiatives for system images and configurations
- Support manual remediation and configuration-fix workflows where automation is not feasible
- Collaborate with engineering teams to institutionalize secure baselines
6. Segmentation & Security Posture Management
- Implement and manage asset segmentation (Red / Yellow / Green classification)
- Enable lab manager and environment-level security controls
- Establish and maintain audit cadence for continuous improvement