VMS Architect - Hybrid - Chennai

Job Responsibilities

• Design, implement, and optimize vulnerability management frameworks and solutions for managed security services customers.
• Collaborate with stakeholders to understand their security needs and develop tailored vulnerability management strategies.
• Integrate vulnerability management tools with other security platforms such as SIEM, SOAR, and asset management systems.
• Perform regular vulnerability scans, prioritize findings, and provide actionable remediation plans to reduce risk.
• Develop and maintain dashboards, reports, and metrics to provide clear visibility into the organization's vulnerability landscape.
• Conduct root cause analysis for recurring vulnerabilities and recommend long-term mitigation strategies.
• Ensure compliance with organizational policies, regulatory requirements, and industry standards for vulnerability management.
• Collaborate with the Security Operations Center (SOC), network security, and application development teams to improve security posture.
• Conduct training and knowledge-sharing sessions for internal teams and customers to maximize the effectiveness of vulnerability management processes.
• Stay current with emerging vulnerabilities, threat intelligence, and best practices to continuously enhance security offerings.
• Provide expert-level troubleshooting and resolution support for complex vulnerability management issues.

Job Qualifications

Experience

• 5+ years of hands-on experience in vulnerability management, including the use of tools such as Qualys, Tenable, or Rapid7.
• Strong expertise in vulnerability assessment, risk prioritization, and remediation processes.
• Experience integrating vulnerability management solutions with SIEM, SOAR, and other security tools.
• Proven track record of developing scalable and automated vulnerability management workflows.

Technical Skills

• Proficiency in using vulnerability management tools (e.g., Qualys, Tenable, Rapid7) and their integration with other security platforms.
• Strong understanding of security frameworks such as MITRE ATT&CK, NIST, CIS, and ISO 27001.
• Knowledge of scripting languages (e.g., Python, PowerShell) for automation and data analysis.
• Familiarity with cloud environments and their vulnerability management (e.g., Azure, AWS, GCP).

Education and Certifications

• Bachelors degree in cybersecurity, information technology, or a related field (or equivalent experience).
• Industry certifications such as:
• CISSP, CISM, or CISA
• CompTIA Security+
• GIAC certifications (e.g., GCIH, GCIA)
• Vendor-specific certifications (e.g., Qualys Certified Specialist, Tenable Certified Engineer)