Greetings From TCS!!Position : Vulnerability ManagementExperience : 7+ yearsLocation : BangaloreJob Description :- Monitor & Administer Rapid7 InsightVM, CrowdStrike Spotlight dashboards and daily scan status. - Perform and Validate scan results, failures, authentication issues, and asset discovery errors. - Execute scheduled and on-demand scans across servers, endpoints, cloud, and network. - Identify new assets and ensure proper tagging and inclusion in scanning scope. - Perform authenticated scans using approved credentials. - Identify high/critical vulnerabilities and assign remediation tickets. - Maintain daily/weekly operational vulnerability summary reports. - Administer Rapid7 InsightVM: scan engines, sites, templates, asset groups. - Configure authenticated scans and troubleshoot credential failures. - Manage CrowdStrike Spotlight asset visibility and vulnerability correlation. - Tune scan templates to reduce latency and false positives. - Analyze vulnerabilities based on CVSS, EPSS, RealRisk, KEV, exploit intelligence. - Validate false positives with application/infra teams and re-scan for verification. - Prioritize vulnerabilities using exploit-based and business-risk-based approaches. - Coordinate remediation with IT, cloud, network, and application owners. - Track remediation SLAs and manage vulnerability exception workflows. - Integrate VM tools with SIEM (Splunk, QRadar, Chronicle) for event correlation. - Create vulnerability dashboards and reporting for leadership. - Configure cloud connectors for AWS, Azure, GCP and validate scan coverage. - Manage VM configurations in secondary tools: Qualys policies, Nessus repositories, Tanium modules, Defender TVM exposure dashboards. - Architect enterprise-level vulnerability management strategy across hybrid/multi-cloud. - Lead onboarding of global environments, network segments, cloud workloads, OT/IoT. - Develop automation using Python/PowerShell for scan scheduling, data extraction, ticket creation, and exception workflows. - Implement CI/CD pipeline vulnerability scanning for DevSecOps environments. - Correlate vulnerabilities with threat intelligence, exploit kits, malware campaigns. - Manage enterprise governance: remediation SLAs, exception policies, escalation matrix. - Conduct periodic vulnerability posture reviews and risk reduction roadmaps. - Maintain compliance alignment: ISO 27001, PCI-DSS, NIST CSF, CIS benchmarks. - Lead cross-tool migrations and unified vulnerability reporting architecture. - Mentor L1/L2 teams, build SOPs, knowledge bases, and operational playbooks. - Manage integration of VM tools with CMDB, patching systems (SCCM/Intune/Tanium), EDR tools, and cloud native scanners.Thanks & Regards,Divya Jillidimudi
Job Title
Vulnerability Management