Vulnerability Management
- Bangalore, Karnataka
- Permanent
- Full-time
Job Title Vulnerability Management x 1
Role Description Responsible for facilitating end to end vulnerability management responsibilities with internal employees and AT&T's external auditing firms for Service Provider PCI, SOC, and ISO 27001 audits.
Key Role and Responsibilities:
1. Schedule and ensure weekly scans are conducted, results are provided to the appropriate Remediation Owners and applicable Critical, High, and medium security risk vulnerabilities are addressed in a timely manner.
2. Schedule and facilitate meetings with internal employees to obtain, review, and analyze device inventory for assets supporting AT&T services in scope for a PCI, SOC, or ISO 27001 audits.
3. Schedule and facilitate meetings with internal employees covering vulnerability scan results providing Remediation Owners with information to help address in scope vulnerabilities to be compliant with PCI and ASPR requirements.
4. Schedule and provide training for internal employees covering vulnerability scanning and remediation for the latest PCI and ASPR requirements.
5. Perform security analysis, drive technical security assessments, and monitor and report on remediation progress.
6. Provide guidance to remediation teams to ensure compliance with regulatory, contractual, and legal requirements.
7. Perform scanning reconciliations to quickly identify in scope devices that were not properly scanned.
8. Follow-up with appropriate representatives to gain an understanding why in scope devices were not scanned and schedule rescans to ensure scanning of all in scope devices.
9. Assist with and perform penetration and segmentation testing for AT&T services.
10. Meet with external auditors as needed to review required audit evidence.
11. Contribute to the overall success of the team by identifying and documenting process improvements and creating and maintaining process documentation.
Required Skills 1. Advance project management, time management, Microsoft PowerPoint, Excel, Outlook, and Word skills are required.
2. Advanced verbal and written skills are required.
3. ServiceNow experience using the vulnerability response module.
Desired Skills 1. Bachelor's degree in Computer Science with an emphasis in information systems is preferred.
2. Minimum of 5 years of experience in IT Operations, external PCI DSS audits, and 3 years of IT Security is preferred.
3. The following certifications are an asset, CISSP, CISM, CCSK, CCSP, PMP, and CISA.
Service supported Vulnerability ManagementLocation- Bangalore/Hyderabad
Yrs of Exp-5+Yrs