About the Role:
We are looking for an experienced Cyber Security Engineer with a strong focus on Patch
Management, and Vulnerability Assessment and Penetration Testing (VAPT). The role will
also involve working with advanced Managed Detection and Response (MDR) monitoring
systems, and Network Detection and Response (NDR) solutions. This position requires a
professional who will be instrumental in improving the security posture of the organization,
coordinating VAPT assessments with vendors, and implementing and managing Data Loss
Prevention (DLP) solutions.
If you have strong expertise in vulnerability management, patching, and penetration testing
along with knowledge in the latest cybersecurity technologies, this is an exciting opportunity for
you to contribute to our team.
Key Responsibilities:
Vulnerability Assessment, Patch Management, and VAPT (70%):
• Vulnerability Assessments (VA):
Perform comprehensive vulnerability assessments using tools like Qualys to identify, assess, and prioritize vulnerabilities across the organization’s infrastructure (networks, servers, applications, and endpoints).
• Patch Management:
Manage and coordinate the patching process across the organization’s assets to mitigate discovered vulnerabilities. Ensure that patches are applied promptly, minimizing potential security risks.
• VAPT Coordination:
Manage and coordinate with external vendors for Vulnerability Assessment and Penetration Testing (VAPT) assessments. Review findings and collaborate with stakeholders for timely remediation of vulnerabilities.
• Risk Assessment:
Analyze and categorize vulnerabilities based on their severity, risk impact, and exploitability. Work closely with the IT and development teams to prioritize remediation efforts.
• Reporting:
Provide detailed reports on vulnerabilities, patching status, and progress made on VAPT
activities to senior management and relevant stakeholders.
DLP Solution Management (15%):
• Manage Data Loss Prevention (DLP) solutions to safeguard sensitive data and prevent
unauthorized data access, sharing, or exfiltration.
• Design, deploy, and configure DLP policies based on organizational needs and regulatory compliance requirements.
• Monitor and respond to DLP alerts, ensuring proper handling and containment of potential data breaches.
SIEM/MDR/NDR Monitoring (15%):
• SIEM/MDR Monitoring:
Utilize SIEM/MDR platforms to collect, correlate, and analyse security event data across the network to identify threats and vulnerabilities.
Monitor security incidents, provide real-time threat detection, and support response efforts.
• NDR Solutions:
Manage NDR technologies to monitor network traffic and detect anomalies, intrusions,
or suspicious activity within the organization's infrastructure.
Collaboration and Incident Response:
• Collaborate with cross-functional teams, including IT, operations, and DevOps, to ensure vulnerability management, patching, and security best practices are followed.
• Participate in incident response activities, providing expertise in investigating security
incidents, performing root cause analysis, and suggesting corrective actions.
• Develop and conduct internal training and awareness programs on cybersecurity best
practices and vulnerability management.
Required Qualifications & Skills:
• 5+ years of experience in Cybersecurity with a strong focus on Vulnerability
Management, Patch Management, and VAPT assessments.
• In-depth experience with Qualys for vulnerability assessments and remediation.
• Experience with coordinating and managing VAPT assessments and working with thirdparty
vendors for penetration testing.
• Understanding on SIEM/MDR platforms and their working mechanisms
• Understanding of DLP solutions (e.g., Forcepoint, Digital Guardian) and log monitoring.
• Familiarity with NDR tools (e.g., Darktrace, Vectra AI, ExtraHop).
• Strong understanding of security frameworks such as NIST, ISO 27001, CIS Controls, OWASP Top 10 & CWE Top 25.
• Proficiency in scripting and automation to streamline security processes (e.g., Python, PowerShell, Bash).
• Knowledge of patch management and best practices using Qualys
• Strong analytical skills and the ability to identify and mitigate potential vulnerabilities and threats.
Preferred Qualifications:
• Certifications such as:
o Qualys (VMDR/PM/PCI) modules
o CEH (Certified Ethical Hacker)
o CompTIA Security+
o GIAC GPEN (GIAC Penetration Tester)
• Familiarity with cloud security best practices and tools (e.g., AWS, Azure security services).
• Experience with vulnerability scanning tools (e.g., Qualys (mandatory) and others Tenable Nessus, Acunetix).
What We Offer:
• Competitive salary and benefits package.
• Opportunities for career growth and advancement.
• A collaborative, fast-paced work environment.
• Exposure to cutting-edge cybersecurity technologies.