Bangalore, MAHARASHTRA, India
As a
Senior Vulnerability Engineer at First Advantage (FA), you will be responsible for leading and evolving the organization’s vulnerability management program across cloud, on-premises, and hybrid environments. You will drive the identification, analysis, and remediation of critical security issues, while developing automated workflows and executive-level reporting to measure and improve risk posture. You will serve as a key liaison between security, infrastructure, and compliance teams, ensuring alignment with industry standards and audit requirements. This role is ideal for a technically skilled and process-oriented professional who is passionate about reducing risk, mentoring others, and strengthening enterprise security through scalable and strategic solutions.
Roles and responsibilities:-
Lead Vulnerability Scanning Operations: Oversee and optimize vulnerability scanning across cloud, on-premises, and hybrid environments to ensure comprehensive coverage and timely detection of security risks.
-
Coordinate Risk Analysis and Remediation: Lead the triage and risk assessment of critical vulnerabilities, coordinating remediation efforts with technical teams to reduce exposure and improve response times.
-
Develop Dashboards and Reports: Build and maintain executive-level dashboards and reports to track key metrics such as mean time to remediation (MTTR), vulnerability trends, and risk posture.
-
Automate and Streamline Workflows: Design and implement automated scanning and remediation workflows to enhance efficiency, consistency, and scalability of the vulnerability management program.
-
Collaborate Across Teams: Partner with infrastructure, application, compliance, and security teams to resolve systemic issues, align on priorities, and drive continuous improvement in security posture.
-
Support Compliance and Audit Readiness: Assist in maintaining compliance with internal policies and external frameworks (e.g., NIST, ISO), and ensure audit-ready documentation of standards and procedures.
-
Mentor and Develop Talent: Provide guidance and mentorship to Vulnerability Engineers, contributing to team training, knowledge sharing, and process development.
-
Enhance Program Maturity: Continuously evaluate and improve vulnerability management practices, tools, and processes to align with evolving threats and organizational goals.
Skill required:-
Vulnerability Management Expertise: Extensive experience with enterprise vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7) and the ability to interpret and act on scan results effectively. Experience building and deploying these tools preferred.
- Risk Analysis and Remediation Coordination: Proven ability to assess risk, prioritize vulnerabilities, and coordinate remediation efforts across technical teams.
-
Cloud and Infrastructure Knowledge: Familiarity with cloud platforms (e.g., AWS, Azure, GCP) and hybrid infrastructure environments, including native security tools and configurations.
-
Reporting and Metrics Development: Experience building dashboards and reports to track key metrics like MTTR, exposure trends, and remediation progress using tools such as Power BI, Tableau, or similar.
-
Communication and Cross-Functional Collaboration: Strong communication skills with the ability to present technical findings to both technical and executive stakeholders, and a proven track record of working collaboratively across infrastructure, application, and compliance teams to drive security improvements.
-
Self-Starter: A self-starter with a continuous improvement mindset, demonstrating the ability to take initiative and drive projects forward in a cross-functional environment.
-
Automation and Scripting: Proficiency in scripting languages such as Python, Bash, or PowerShell to automate scanning and remediation workflows preferred.
Qualifications:-
Experience: 6-10+ years of experience in cybersecurity, with focus on vulnerability management and/or risk analysis
-
Education: Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field preferred; equivalent professional experience will also be considered.
-
Certifications: Relevant certifications in cybersecurity, such as CISSP, OSCP, or GIAC preferred.
Work Location: Mumbai / Bangalore
Joining time needed :15 days
Employee Stock Purchase Plan
