EY TC-CS-CTM-Vulnerability Management-Staff 

India, Kerala, Thiruvananthapuram 

443144544

Your key responsibilities

• Must have handled a Vulnerability Management process for a large enterprise using any one of the solutions: Qualys / Nexpose / Tenable or similar
• Must have thorough understanding about the Vulnerability Management and Exception & Exemption process on Cloud hosted systems, databases, web services and other widely deployed infrastructure components
• Ability to work both independently as well as lead a team of experienced staff to manage the vulnerability management program.
• Provide technical leadership and advise to team members in order to ensure the effectiveness of the program.
• Provide guidance on risk management principles and practices to junior staff regularly.
• Lead analysis of the current environment to detect critical deficiencies and recommends solutions for improvement
• Review findings from and identify root causes for common issues and provide recommendations for sustainable improvements
• Able to identify and exploit security vulnerabilities in a wide array of systems in a variety of situations
• Research and report on security vulnerabilities and latest advancements in the vulnerability management lifecycle
• Understand EY and its service lines and actively assess what the firm can deliver to serve clients.
• Facilitate discussions / knowledge sharing with key client personnel and contribute to EY’s thought leadership
• Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business.
• Actively contribute to improving operational efficiency through standardization and process automation on client engagements and internal initiatives

Skills and attributes for success

• Understanding of web-based application vulnerabilities (OWASP Top 10).
• Understanding of TCP/IP network protocols.
• Understanding of network security and popular attacks vectors.
• Ability to communicate detailed technical information to a non-technical audience clearly
• Good to have experience with Operation Technology / Internet of Things, Cloud technologies (AWS, Azure, GCP), Active Directory and 802.1x penetration testing
• Strong understanding of security principles, policies, and industry best practices
• Demonstrable flair for technical writing, including engagement reports, presentations and operating procedures

To qualify for the role, you must have

• Graduates / BE / BTech / MSc / MTech / MBA in the fields of Computer Science, Information Systems, Engineering, Business or related major with minimum 3 years of work experience especially in penetration testing and vulnerability assessment.
• Any one of the following technical certifications: CEH, Qualys Certified Specialist, CISM
• Knowledge of Windows, Linux, UNIX, any other major operating systems
• Willingness to work in shifts

Ideally, you’ll also have

• Project management skills
• Certifications: CEH, Qualys Certified Specialist, Tenable, Rapid7, CISM

What we look for

• Who can help in vulnerability toll implementation and scanning operations and provide analysis for the scanning results including remediation.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.