Cyber Security Senior Analyst - Qualys Vulnerability Management-CONTRACTOR - (240007PN)
Missions
As an operational risk officer, you will support the SOC team in their daily activity and administrating Operational Security Processes. You will be asked to identify improvements in current processes and formalize it through clear documentation.
Among the ongoing administration of Processes, your main responsibilities will be to manage the vulnerability scan process. The process is based on Qualys Tools.
• Responsible for understanding, reviewing, and interpreting assessment and scanning results, reducing false positive findings, and acting as a trusted security advisor to the client.
• Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
• Develop and report enterprise-level metrics for vulnerabilities and remediation progress
• User requests administration: manage users request on the platforms. Add Hosts, Assets Groups, create scan, report or Dashboard (using the standard and process delivered by SOC SG). Including Emergency stop of scan.
• Manage Vulnerability Scan for GTS: Manage the Change management process to request a scan on GTS infrastructure. Manage the change creation, the achievement of the change process following by the job creation on Qualys platform.
• Present Vulnerability Assessment Scanning and guidance, False Positive Validation, Compliance Scanning and, scan profile and policy creation.
• Analysis of vulnerability: based on group standards, manage the alerting on critical vulnerability found by a vulnerability scan and follow the mitigation with remediation teams
• Ability to identify false positives
• Knowledge of vulnerability management frameworks and concepts such as CVE, and CVSS scoring systems and attacking vectors
• Dashboard: generate monthly and quarterly reports and dashboards.
• Qualys tags: Understanding of Qualys tags
• Manage Internal Qualys infrastructure: survey the status of Qualys appliances and manage the RMA process and deployment of new appliances.
• Implement automated, proactive security measures
• Hands on Qualys modules – Vulnerability Management, Policy Compliance, Web Application Scanning, Cloud Agent, Asset View,Container Security, VMDR
Profile
End to end understanding of Vulnerability management (scanning, remediation follow-up, false positive verification)
Conduct Network and System Vulnerability assessments and documentation of corrective/remediation actions
Drive the end-to-end vulnerability lifecycle from discovery to closure
Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer’s information assets
Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
Ensure timely follow up with patch management and vulnerability remediation in coordination with Countermeasures personnel
Responsibilities
Cyber Security Senior Analyst - Qualys Vulnerability Management-CONTRACTOR - (240007PN)
Missions
As an operational risk officer, you will support the SOC team in their daily activity and administrating Operational Security Processes. You will be asked to identify improvements in current processes and formalize it through clear documentation.
Among the ongoing administration of Processes, your main responsibilities will be to manage the vulnerability scan process. The process is based on Qualys Tools.
• Responsible for understanding, reviewing, and interpreting assessment and scanning results, reducing false positive findings, and acting as a trusted security advisor to the client.
• Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
• Develop and report enterprise-level metrics for vulnerabilities and remediation progress
• User requests administration: manage users request on the platforms. Add Hosts, Assets Groups, create scan, report or Dashboard (using the standard and process delivered by SOC SG). Including Emergency stop of scan.
• Manage Vulnerability Scan for GTS: Manage the Change management process to request a scan on GTS infrastructure. Manage the change creation, the achievement of the change process following by the job creation on Qualys platform.
• Present Vulnerability Assessment Scanning and guidance, False Positive Validation, Compliance Scanning and, scan profile and policy creation.
• Analysis of vulnerability: based on group standards, manage the alerting on critical vulnerability found by a vulnerability scan and follow the mitigation with remediation teams
• Ability to identify false positives
• Knowledge of vulnerability management frameworks and concepts such as CVE, and CVSS scoring systems and attacking vectors
• Dashboard: generate monthly and quarterly reports and dashboards.
• Qualys tags: Understanding of Qualys tags
• Manage Internal Qualys infrastructure: survey the status of Qualys appliances and manage the RMA process and deployment of new appliances.
• Implement automated, proactive security measures
• Hands on Qualys modules – Vulnerability Management, Policy Compliance, Web Application Scanning, Cloud Agent, Asset View,Container Security, VMDR
Profile
End to end understanding of Vulnerability management (scanning, remediation follow-up, false positive verification)
Conduct Network and System Vulnerability assessments and documentation of corrective/remediation actions
Drive the end-to-end vulnerability lifecycle from discovery to closure
Identify internal and external threats that could result in unauthorized disclosure, misuse, alteration, or destruction of customer’s information assets
Identify and prioritize all vulnerabilities in client environments and provide timely vulnerability assessment reports to key stakeholders
Ensure timely follow up with patch management and vulnerability remediation in coordination with Countermeasures personnel
Salary : As per industry standard.
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance
Job Description for Incident Response Analyst:
2+ years of work experience in Information Security.
Should understand the incident response process and how to triage incidents.
Should have strong analytical and critical thinking skills.
Self-motivated individual with a technical background in enterprise technologies.
Should be able to perform analysis and investigation of information security events.
Understanding of cloud architecture and various cloud providers.
Familiarity and experience using log aggregation tools is a plus.
Ability to manage and multiple investigations.
Good technical documentation skills for developing whitepapers, reference architectures etc.
Ability to communicate and present data in a polished and easy to understand format.
Ability to work effectively in a complex, geographically dispersed, organization.
Knowledge on scripting (Python) is a plus.
Soft Skills
Excellent English language communication skills, both verbal and written. Cross-cultural etiquettes, customer centric and collaborative mindset.
Works autonomously within established procedures and practices.
Ability to communicate information to various levels of management and with various levels of technical understanding.
Good command on stakeholder management, judgement, conflict resolution, risk & mitigations.
Provide leadership to the global team at strategic, tactical, and operational level.
Additional Certifications
Certified Cloud Security Professional (CCSP)
AWS Certified Security
Join our team at Sony India Software Centre and contribute to ensuring the security and resilience of our digital infrastructure. We offer a competitive salary, excellent benefits, and the opportunity to work with cutting-edge technologies. Apply today and become part of our dedicated team of cybersecurity professionals shaping the future of digital security.
Education Qualificaiton:
Bachelor's degree
Responsibilities
Job Description for Incident Response Analyst:
2+ years of work experience in Information Security.
Should understand the incident response process and how to triage incidents.
Should have strong analytical and critical thinking skills.
Self-motivated individual with a technical background in enterprise technologies.
Should be able to perform analysis and investigation of information security events.
Understanding of cloud architecture and various cloud providers.
Familiarity and experience using log aggregation tools is a plus.
Ability to manage and multiple investigations.
Good technical documentation skills for developing whitepapers, reference architectures etc.
Ability to communicate and present data in a polished and easy to understand format.
Ability to work effectively in a complex, geographically dispersed, organization.
Knowledge on scripting (Python) is a plus.
Soft Skills
Excellent English language communication skills, both verbal and written. Cross-cultural etiquettes, customer centric and collaborative mindset.
Works autonomously within established procedures and practices.
Ability to communicate information to various levels of management and with various levels of technical understanding.
Good command on stakeholder management, judgement, conflict resolution, risk & mitigations.
Provide leadership to the global team at strategic, tactical, and operational level.
Additional Certifications
Certified Cloud Security Professional (CCSP)
AWS Certified Security
Join our team at Sony India Software Centre and contribute to ensuring the security and resilience of our digital infrastructure. We offer a competitive salary, excellent benefits, and the opportunity to work with cutting-edge technologies. Apply today and become part of our dedicated team of cybersecurity professionals shaping the future of digital security.
Education Qualificaiton:
Bachelor's degree
Salary : As per industry standard.
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance
DevOps JD:
Profiles experienced only with 5+yrs and above. As we need relevant exp with 3.5+yrs in Azure DevOps.
5+ years of IT experience in app development and Microsoft Azure experience
Work Experience in Docker/ Containerization/ Azure Kubernetes Services (AKS), Azure portal, Azure Web App, Azure Service Bus,
Microservices, Azure function, Azure SQL, Azure Migration, Azure API Management, Azure App Services, Azure Logic Apps, Azure Application Insights, Azure Log Analysis, Azure Key Vault, Azure Service Bus , Azure Automation and Runbooks, Azure Blob Storage, Azure AD, Azure Stream Analytics, Azure RM Templates, Azure PowerShell, Azure Identity Management.
Experience in various programming and scripting languages especially Shell and Python scripting with focus on DevOps tools, CI/CD and performed configuration,
Deployment and support of cloud services on Azure Cloud Architecture.
Knowledge in building Cloud Native Architecture for the applications to support Azure’s fully managed application and data services such as Azure Event Hub, Azure App Service, Azure Kubernetes Services, Azure Spring Cloud.
Knowledge of cloud infrastructure, network and security, especially in Azure.
Good to have certifications on Azure (AZ-204, AZ-303, AZ-304).
Knowledge of Azure DevOps Continuous Integration / Continuous Delivery (CI/CD) implementing optimized development processes.
Self-disciplined, strong problem solving and trouble-shooting skills.
The ideal candidate should have good written and oral communication skills, also should have strong interpersonal skills.
Responsibilities
DevOps JD:
Profiles experienced only with 5+yrs and above. As we need relevant exp with 3.5+yrs in Azure DevOps.
5+ years of IT experience in app development and Microsoft Azure experience
Work Experience in Docker/ Containerization/ Azure Kubernetes Services (AKS), Azure portal, Azure Web App, Azure Service Bus,
Microservices, Azure function, Azure SQL, Azure Migration, Azure API Management, Azure App Services, Azure Logic Apps, Azure Application Insights, Azure Log Analysis, Azure Key Vault, Azure Service Bus , Azure Automation and Runbooks, Azure Blob Storage, Azure AD, Azure Stream Analytics, Azure RM Templates, Azure PowerShell, Azure Identity Management.
Experience in various programming and scripting languages especially Shell and Python scripting with focus on DevOps tools, CI/CD and performed configuration,
Deployment and support of cloud services on Azure Cloud Architecture.
Knowledge in building Cloud Native Architecture for the applications to support Azure’s fully managed application and data services such as Azure Event Hub, Azure App Service, Azure Kubernetes Services, Azure Spring Cloud.
Knowledge of cloud infrastructure, network and security, especially in Azure.
Good to have certifications on Azure (AZ-204, AZ-303, AZ-304).
Knowledge of Azure DevOps Continuous Integration / Continuous Delivery (CI/CD) implementing optimized development processes.
Self-disciplined, strong problem solving and trouble-shooting skills.
The ideal candidate should have good written and oral communication skills, also should have strong interpersonal skills.
Salary : As per industry standard.
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance
Customer Name JOBCODE Mandatory skill OPEN POS. Rel./ Total Exp. Location Rate Range Client Interview BGV
VISA
2079745
• Good understanding of CI/CD technologies.
• Core Skills on Dockers, DevOps, Linux.
• DevOps experience with Jenkins, Ansible, Docker, Kubernetes.
• Good experience in java-based web applications.
• Implementing CI CD process.
• Expertise in Trouble shouting on java applications in Tomcat services and Web application in Apache.
1
4-6 years
Bangalore
Within 150K
Yes
Account BGV- 7 to 10 days
Agency Name JC Resume No Candidate name Email ID Contact details total experience Relevant experience Skill Notice Period Wo rate Work location Current location
What are responsibilities of Product / Site Reliability Engineer?
• Prime responsibility of Site Reliability Engineer is to make sure that environment is secure and safe. All security findings should be remediated within required resolution date defined by governance.
• We do not allow outage, even for a second. If any issue happens, as owner of the environment we do the needful to make sure those environments are up and running. Root cause analysis should be within hours. We make sure that findings are remediated in Production environment after all tests and checks in lower environments.
• As owner of environment, we keep track of all activities planned or happening in our environments. We are responsible for deploying new code in the environment.
• We look and analyze our environment regularly. If there is a manual task, we do automation of that. We are increasing selfheal capabilities and will continue to do the same until environments become auto-heal.
• If a new service is coming under our support or if migration of old environment is going to happen to new technologies, we start interaction with product developer to sketch out planning for production.
• As our business is running round the clock, we work in shift and synchronize with multiple locations and multiple tracks (sub team).
• We make sure that every activity is being recorded as per incident or change management process. Technical and related run books need to be prepared and shared with the team.
Qualifications
• Engineering degree in IT or Computer Science
• Having 5+ years of IT experience with expertise in DevOps, Build and release Engineering, Cloud Infrastructure and Automation, Tech support.
• Ability to work as team player.
• Good written and communication skills.
• Punctual to office time and work.
• Great with problem solving and troubleshooting.
• Ability to effectively prioritize and coordinate.
• Ability to learn fast and implement latest technology trends in the industry.
• Good understanding of CI/CD technologies.
• Core Skills on Dockers, DevOps, Linux.
• DevOps experience with Jenkins, Ansible, Docker, Kubernetes.
• Good experience in java-based web applications.
• Implementing CI CD process.
• Expertise in Trouble shouting on java applications in Tomcat services and Web application in Apache.
• Good Exposure on Virtualization and Containers (Docker).
• Ability to build deployment, build scripts and automated solutions using scripting languages such as Shell scripting (Bash) / Java Script / Python / Other
• Worked with Docker and created multiple containers and images and had experience on writing the Docker file.
• Created the deployments, services, and ingress flows for the application setup in the Kubernetes cluster.
• Participated in release level discussions and gone through the total SDLC and Agile methodology.
Support On-Call for all DevOps activities
Responsibilities
Customer Name JOBCODE Mandatory skill OPEN POS. Rel./ Total Exp. Location Rate Range Client Interview BGV
VISA
2079745
• Good understanding of CI/CD technologies.
• Core Skills on Dockers, DevOps, Linux.
• DevOps experience with Jenkins, Ansible, Docker, Kubernetes.
• Good experience in java-based web applications.
• Implementing CI CD process.
• Expertise in Trouble shouting on java applications in Tomcat services and Web application in Apache.
1
4-6 years
Bangalore
Within 150K
Yes
Account BGV- 7 to 10 days
Agency Name JC Resume No Candidate name Email ID Contact details total experience Relevant experience Skill Notice Period Wo rate Work location Current location
What are responsibilities of Product / Site Reliability Engineer?
• Prime responsibility of Site Reliability Engineer is to make sure that environment is secure and safe. All security findings should be remediated within required resolution date defined by governance.
• We do not allow outage, even for a second. If any issue happens, as owner of the environment we do the needful to make sure those environments are up and running. Root cause analysis should be within hours. We make sure that findings are remediated in Production environment after all tests and checks in lower environments.
• As owner of environment, we keep track of all activities planned or happening in our environments. We are responsible for deploying new code in the environment.
• We look and analyze our environment regularly. If there is a manual task, we do automation of that. We are increasing selfheal capabilities and will continue to do the same until environments become auto-heal.
• If a new service is coming under our support or if migration of old environment is going to happen to new technologies, we start interaction with product developer to sketch out planning for production.
• As our business is running round the clock, we work in shift and synchronize with multiple locations and multiple tracks (sub team).
• We make sure that every activity is being recorded as per incident or change management process. Technical and related run books need to be prepared and shared with the team.
Qualifications
• Engineering degree in IT or Computer Science
• Having 5+ years of IT experience with expertise in DevOps, Build and release Engineering, Cloud Infrastructure and Automation, Tech support.
• Ability to work as team player.
• Good written and communication skills.
• Punctual to office time and work.
• Great with problem solving and troubleshooting.
• Ability to effectively prioritize and coordinate.
• Ability to learn fast and implement latest technology trends in the industry.
• Good understanding of CI/CD technologies.
• Core Skills on Dockers, DevOps, Linux.
• DevOps experience with Jenkins, Ansible, Docker, Kubernetes.
• Good experience in java-based web applications.
• Implementing CI CD process.
• Expertise in Trouble shouting on java applications in Tomcat services and Web application in Apache.
• Good Exposure on Virtualization and Containers (Docker).
• Ability to build deployment, build scripts and automated solutions using scripting languages such as Shell scripting (Bash) / Java Script / Python / Other
• Worked with Docker and created multiple containers and images and had experience on writing the Docker file.
• Created the deployments, services, and ingress flows for the application setup in the Kubernetes cluster.
• Participated in release level discussions and gone through the total SDLC and Agile methodology.
Support On-Call for all DevOps activities
Salary : As per industry standard.
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance
Functional / Technical support for resolution of customer queries / problems / requests / incidents. Track incidents , share notifications and follow ups required.
International voice / call support experience is mandatory.
Responsibilities
Functional / Technical support for resolution of customer queries / problems / requests / incidents. Track incidents , share notifications and follow ups required.
International voice / call support experience is mandatory.
Salary : Rs. 3,00,000.0 - Rs. 4,80,000.0
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance
Functional / Technical support for resolution of customer queries / problems / requests / incidents. Track incidents , share notifications and follow ups required.
International voice / call support experience is mandatory.
Responsibilities
Functional / Technical support for resolution of customer queries / problems / requests / incidents. Track incidents , share notifications and follow ups required.
International voice / call support experience is mandatory.
Salary : Rs. 3,00,000.0 - Rs. 4,80,000.0
Industry :IT-Software / Software Services
Functional Area : IT Software - Application Programming , Maintenance