Job Description

Role Purpose

The purpose of this role is to analyse, identify, rectify & recommend specific improvement measures that help in the security posture of the organization by protecting the sensitive information
 

͏

Key Responsibilities

Vulnerability Scanning & Detection

• Perform continuous vulnerability discovery and assessment using Tanium and Qualys across:
• Servers (Windows/Linux)
• Endpoints
• Network devices
• Cloud workloads (AWS/Azure/GCP, if applicable)
• Configure and manage authenticated and unauthenticated scans.
• Ensure proper scan coverage, agent health, and asset visibility.

Vulnerability Analysis & Risk Assessment

• Analyze scan results to:
• Validate true positives and eliminate false positives
• Identify exploitability and business impact
• Perform risk-based prioritization using:
• CVSS scores
• Asset criticality
• Threat intelligence (KEV, exploit availability)

Remediation & Lifecycle Management

• Collaborate with infrastructure, cloud, and application teams to:
• Recommend remediation actions
• Validate patching and configuration fixes
• Track vulnerabilities through the full lifecycle:
• Open → In Progress → Mitigated → Closed
• Perform rescan and verification post-remediation.

Reporting & Metrics

• Generate weekly, monthly, and executive-level reports including:
• Vulnerability trends
• SLA compliance
• Risk posture by severity
• Maintain dashboards and KPIs for leadership and stakeholders.

Compliance & Governance

• Support compliance requirements such as:
• Internal security standards
• Regulatory frameworks (ISO 27001, SOC2, PCI-DSS, etc.)
• Assist during audits by providing evidence and vulnerability reports.

Process Improvement & Automation

• Improve vulnerability management workflows using:
• Tanium automation
• Qualys reporting and tagging
• Identify opportunities to optimize scanning, remediation SLAs, and reporting.

Primary Tools & Technologies

• Tanium (Asset discovery, vulnerability detection, endpoint visibility)
• Qualys VM / VMDR
• Operating Systems: Windows, Linux
• Cloud platforms: AWS / Azure (nice to have)
• Ticketing tools: ServiceNow / JIRA
• Scripting (nice to have): Python, PowerShell, Bash

Required Skills & Qualifications

• 7 years of experience in Vulnerability Management / Detection & Assessment
• Strong hands-on experience with Tanium and Qualys
• Solid understanding of:
• CVE, CVSS, CWE
• OWASP Top 10 (basic understanding)
• Knowledge of:
• Patch management
• System hardening
• Network and OS security fundamentals
• Experience working in enterprise or client-facing environments

Good to Have

• Exposure to Cloud Security vulnerability assessments
• Experience with KEV, threat intelligence feeds
• Security certifications:
• CEH
• Security+
• Qualys or Tanium certifications
• Automation or scripting experience

͏

Soft Skills:

• Strong analytical and problem-solving skills
• Excellent communication with technical and non-technical stakeholders
• Ability to manage multiple priorities and meet SLAs
• Ownership mindset and proactive risk identification

͏

͏