Job Title:Vulnerability Management (VM) Engineer
Location:Bangalore /Karnataka
Years of experience - 4 to 6 years
ABOUT THE TEAM & ROLE:
The Vulnerability Management (VM) Engineer is responsible for the day-to-day management and remediation of vulnerabilities across systems, networks, and applications. This role involves assessing security vulnerabilities, supporting the VM lifecycle, and working closely with cross-functional teams to ensure vulnerabilities are prioritized, addressed, and remediated efficiently. The Engineer will also provide escalation support, analyze vulnerability reports, and recommend security controls to mitigate risks.
What qualities are we looking for
. Vulnerability Scanning: Perform regular vulnerability scans across IT infrastructure, applications, and networks using vulnerability management tools (e.g., Qualys, Tenable, Rapid7).
. Vulnerability Analysis: Analyze vulnerability reports to determine the risk level and impact of vulnerabilities. Ensure that vulnerabilities are accurately categorized and prioritized.
. Patch Management: Coordinate with system administrators, network teams, and application owners to implement patches, configuration changes, and remediation actions in response to identified vulnerabilities.
. Remediation Coordination: Follow up with responsible teams to ensure timely remediation of vulnerabilities and track progress. Escalate unaddressed vulnerabilities to relevant stakeholders.
. Incident Response Support: Collaborate with the incident response team to investigate and address vulnerabilities that may have contributed to security incidents.
. Threat Intelligence: Stay updated on emerging vulnerabilities, threats, and mitigation techniques, and provide recommendations for security enhancements.
. Compliance Support: Ensure vulnerability management processes align with regulatory compliance requirements (e.g.,PCI-DSS, SOX) and internal security policies.
. Documentation: Maintain detailed records of vulnerability management activities, including scan results, risk assessments, and remediation efforts. Prepare reports for stakeholders.
. Automation & Optimization: Identify opportunities to automate vulnerability scanning and reporting processes to improve efficiency and reduce manual effort.
. L2 Support: Provide Level 2 escalation support to resolve complex vulnerability management issues and work closely with seniors for advanced troubleshooting and remediation.
What will you get to do here
. Technical Knowledge: In-depth understanding of vulnerability scanning tools and technologies (e.g., Qualys, Tenable, Rapid7) and familiarity with security best practices.
. Operating Systems: Knowledge of multiple operating systems, including Windows, Linux, and Unix, and understanding of patch management processes.
. Networking: Strong understanding of networking concepts (e.g., firewalls, routers, switches) and how vulnerabilities affect network security.
. Scripting Skills: Proficiency in scripting languages such as PowerShell, Python, or Bash for automating tasks and reports is a plus.
. Security Frameworks: Familiarity with security standards and frameworks such as NIST, ISO 27001, CIS Controls, etc.
. Problem Solving: Strong analytical skills to assess risk, prioritize vulnerabilities, and develop remediation strategies.
. Communication: Excellent verbal and written communication skills, with the ability to work with technical and non-technical teams effectively.
. 4+ years of experience in cybersecurity, vulnerability management, or a related field.
. Experience with vulnerability scanning tools such as Qualys, Tenable, Rapid7, or similar.
. Experience in coordinating remediation efforts with cross-functional teams.
. Familiarity with ITIL and incident management processes is preferred.
Certifications (Preferred):
. CompTIA Security+
. Certified Information Systems Security Professional (CISSP)
. Certified Ethical Hacker (CEH)
. GIAC Certified Incident Handler (GCIH)
Visit our tech blogs to learn more about some the challenges we deal with:
https://bytes.swiggy.com/the-swiggy-delivery-challenge-part-one-6a2abb4f82f6
https://bytes.swiggy.com/swiggy-distance-service-9868dcf613f4
https://bytes.swiggy.com/the-tech-that-brings-you-your-food-1a7926229886
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, disability status, or any other characteristic protected by the law.
