Consultant - Vulnerability Management
Responsibilities
This role is for a SOC VOC (Cyber Security Vulnerability Management Expert )
will be part of the GTS Security SOC team. In this role, you will drive support India and global regional needs. The objectives of the Security Department (RESG/GTS/SEC) are to manage the strategy for all RESG/GTS in terms of vulnerability management and remediation, focused on working with service team to drive the last mile remediation of vulnerabilities. security, technical standards, processes and tools, and thus to cover many cross-functional functions within the company and subsidiaries across all regions.
Vulnerability Management expert is responsible for scoping, scheduling, generating reports from Qualys and remediating any vulnerabilities identified. Assists in the responsibility for the reviewing vulnerabilities data from multiple sources (i.e; external/internal penetration testing, internal/external vulnerability scanning etc..) across technologies and a changing environment including infrastructure.
-
- Manage support, and resolution for scanning and vulnerability remediation reporting issues
- Collaborate with the business to effectively communicate the risks of identified vulnerabilities and make recommendations regarding the remediation
- Partnering with tools and technology teams to troubleshoot, develop, select, implement and automate appropriate security solutions to keep system data protected from internal and external threats
- Assits in improving and automating existing vulnerability management lifecycle. Including compliance metrics and detection on assets.
- Provide technical support for vulnerability management projects
- Provides analysis and validation post remediation, oppurtunities for improvements and out of the box thinking for optimizations and solving roadblocks
- Perform reoccurring and on demand scanning activities of both corporate and cloud environments utilizing enterprise platform
- Assist in ensuring scan results are presented in appropriate dashboards, reports and forwarded to other data systems as necessary
- Assist in interfering with third party vendors and other in improving the overall scanning process
Perform any other duties as assigned by the organization
Profile required
Technical & Functional Skills
- Minimum, 7-10 years in vulnerability management, and compliance monitoring
- Experience with cybersecurity, specifically vulnerability management and analysis
- Understanding of a variety of technical concepts with focus on cloud computing, automation, networking, systems administration, application development and information security best practices
- System security and compliance administration a plus
- Qualys - managerial reports for each vertical/business line BU/SU end GTS
- Through knowledge of cloud computing and security issues related to cloud environments
- Experience in design, implementation and operations experience with security technologies that includes but not limited to IDS/PS firewalls Log Analysis and SIEM Network Behavior Analysis tools.
- Proven understanding of common vulnerability frameworks
- Identify automation and innovation opportunities
- Experience in IT controls monitoring for regulatory and compliance requirements
Experience in design, implementation and operations experience with security
- Strong academic background with technology skills
- IT Security Certification such as Certified Vulnerability Assessor (CVA)
- Practical understanding of agile or agile @ scale functions and its practical implementations.
- Strong process & change management capabilities
- Strong partnership and Stakeholder management.
- Innovative mindset.
Contribute to building strong brand recognition for SG locally.
Why join us
“We are committed to creating a diverse environment and are proud to be an equal opportunity employer. All qualified applicants receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status”.
Business insight
At Société Générale, we are convinced that people are drivers of change, and that the world of
tomorrow will be shaped by all their initiatives, from the smallest to the most ambitious.
Whether you’re joining us for a period of months, years or your entire career, together we can have
a positive impact on the future. Creating, daring, innovating and taking action are part of our DNA.
If you too want to be directly involved, grow in a stimulating and caring environment, feel useful on a
daily basis and develop or strengthen your expertise, you will feel right at home with us!
Still hesitating?
You should know that our employees can dedicate several days per year to solidarity actions during
their working hours, including sponsoring people struggling with their orientation or professional
integration, participating in the financial education of young apprentices and sharing their skills with
charities. There are many ways to get involved.
We are an equal opportunities employer and we are proud to make diversity a strength for our company. Societe Generale is committed to recognizing and promoting all talents, regardless of their beliefs, age, disability, parental status, ethnic origin, nationality, gender identity, sexual orientation, membership of a political, religious, trade union or minority organisation, or any other characteristic that could be subject to discrimination.