Lead Cybersecurity - Vulnerability Management

Job Description:

Lead Cybersecurity - Vulnerability Management

About the Job:

This position is a Lead Cyber Security, responsible for contributing to 24/7 coverage of the latest cybersecurity threats, specifically focusing on vulnerability intelligence. This role requires a proactive approach to identifying, analyzing, and mitigating security vulnerabilities to ensure the safety and integrity of our systems, networks, and applications.

Experience Level: 12+ years

Location: Hyderabad or Bengaluru

Roles and Responsibilities:

• Continuous monitoring and analysis of cybersecurity threats, requiring shifts and on-call availability to provide round-the-clock coverage.
• Vulnerability Assessments: Regular assessments of systems, networks, and applications to identify and evaluate security vulnerabilities. This involves using various tools and techniques to conduct thorough assessments.
• Risk Assessments: Detailed risk assessments based on identified vulnerabilities to determine the potential impact and exploitability. This includes preparing comprehensive reports and documentation.
• Mitigation Strategies: Development and implementation of effective strategies to mitigate identified vulnerabilities. This requires collaboration with cross-functional teams and staying updated with the latest security practices.
• Reporting and Documentation: Preparation of detailed reports and documentation on findings, recommendations, and remediation efforts. This includes maintaining accurate records and ensuring compliance with regulatory requirements.
• Threat Intelligence Response: Evaluation and response to weekly internal threat intelligence alerts. This involves analyzing alerts, determining the level of risk, and taking appropriate actions to address potential threats.

Primary / Mandatory skills:

• 12+ years of Proven experience using threat intelligence to prioritize remediation efforts
• 8+ years of experience with vulnerability management technology, process, and programs.
• Working knowledge of cloud security and web application security testing
• Continual assessment of enterprise attack surface using tools such as Tenable, Xpanse, and Censys.
• Proficiency in using vulnerability assessment tools such as Nessus, Qualys, and OpenVAS
• Strong understanding of network protocols, operating systems, and security frameworks

Additional information (if any): Flexible to provide coverage in US morning hours upon need and on call weekend coverage.

Certification: Relevant certifications such as CISSP or CCSP or equivalent are highly desirable.

Weekly Hours:

Time Type:

Location:

It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.