YASH Technologies is a leading technology integrator specializing in helping clients reimagine operating models, enhance competitiveness, optimize costs, foster exceptional stakeholder experiences, and drive business transformation.
At YASH, we're a cluster of the brightest stars working with cutting-edge technologies. Our purpose is anchored in a single truth bringing real positive changes in an increasingly virtual world and it drives us beyond generational gaps and disruptions of the future.
We are looking forward to hire Vulnerability Remediation Service Professionals in the following areas :
3 to 5 Yrs Experience in Infra and Cloud Security
JD For L2 Resource For VMS
Performing scans to identify vulnerabilities or confirm compliance to security standards
Provides recommendations on improving the security posture of the client's enterprise
Maintain knowledge of in-the-wild vulnerability exploitation techniques, assess risk to enterprise and prioritize remediation
Configure and run automated vulnerability scanning tools, prioritize remediation, and track exceptions
Assessment of threats and vulnerabilities based on enterprise vulnerability management framework
Assignment of remediation tasks to the affected groups and tracking of remediation through closure
Management of vulnerability lifecycle including ensuring timelines, lifecycle phase management, and recording evidence as needed
Interface with groups across the organization to drive remediation of identified vulnerabilities
Central tracking and management of enterprise vulnerabilities
Enhance proactive remediation of vulnerabilities identified by various sources
Review and analyse vulnerability scan data, determine action items and ensure remediation
Help standardize processes and procedures and provide improvement
Execute processes and tasks under continuous vulnerability monitoring initiative
Produce metrics to demonstrate process effectiveness and remediation across the enterprise
Develop long term server integrity strategies and solutions
Communicate compliance issues to IT managers in an effective and appropriate manner
Abilities to create and implement processes that can scale
Good understanding of technology concepts
Familiarity with good security practices and implementation of these concepts in various scenarios
Ability to assimilate technical and voluminous data and translate into layman terms
Ability to craft presentations (PPT, PowerBI, Excel etc) and updates for senior management
Ability to work well under pressure and juggle multiple priorities
Skill Matrix L2
Technical Proficiency
Understanding of common vulnerabilities and exposures (CVEs).
Familiarity with vulnerability assessment tools such as Nessus, Qualys, OpenVAS, etc.
Ability to interpret scan results and prioritize vulnerabilities based on risk.
Knowledge of different types of vulnerabilities (e.g., SQL injection, XSS, CSRF) and their implications.
Competence in vulnerability remediation techniques and best practices.
Platform Knowledge
Scanning Tool - Qualys VMDR, AppOmni, Cloud Optix, MS-Defender for Cloud etc
Proficiency in operating system security (Windows, Linux, Unix, etc.).
Understanding of network security concepts and protocols (TCP/IP, firewalls, VPNs, etc.).
Familiarity with cloud platforms (AWS, Azure, Google Cloud) and associated security controls.
Risk Assessment And Management
Capability to assess the severity and potential impact of vulnerabilities.
Understanding of risk assessment methodologies (e.g., CVSS scoring) and frameworks (e.g., NIST Cybersecurity Framework).
Ability to communicate effectively with stakeholders regarding risk exposure and mitigation strategies.
Incident Response
Awareness of incident response procedures related to vulnerability exploitation.
Familiarity with security incident handling and escalation processes.
Capacity to collaborate with incident response teams to address vulnerabilities in a timely manner.
Documentation And Reporting
Proficiency in documenting vulnerability assessment findings, remediation efforts, and residual risks.
Capability to generate clear and concise reports for various stakeholders, including technical and non-technical audiences.
Ability to track and maintain records of vulnerabilities and their status over time.
Continuous Learning And Improvement
Eagerness to stay updated on emerging threats, vulnerabilities, and industry best practices.
Willingness to pursue relevant certifications (e.g., CompTIA Security+, CEH) and participate in training programs.
Capacity to adapt and evolve in response to changing technology landscapes and security requirements.
At YASH, you are empowered to create a career that will take you to where you want to go while working in an inclusive team environment. We leverage career-oriented skilling models and optimize our collective intelligence aided with technology for continuous learning, unlearning, and relearning at a rapid pace and scale.
Our Hyperlearning workplace is grounded upon four principles
- Flexible work arrangements, Free spirit, and emotional positivity
- Agile self-determination, trust, transparency, and open collaboration
- All Support needed for the realization of business goals,
- Stable employment with a great atmosphere and ethical corporate culture
