2+ Vulnerability assessment Jobs in Chennai | Vulnerability assessment Job openings in Chennai

Key Responsibilities:

1. Threat Research: Work on researching emerging cyber threats specifically. You will monitor threat actor activities, study their tactics, techniques, and procedures (TTPs), and help identify potential risks.

2. Alert Triage and Incident Analysis: Support the analysis of security alerts generated by our in-house platform. You will work alongside the team to identify critical issues and provide timely

intelligence to help mitigate threats.

3. Data Collection and OSINT: Assist in gathering and analyzing data using Open Source Intelligence (OSINT) methodologies. You will help collect relevant information to support ongoing threat investigations.

4. Report Preparation: Contribute to the preparation of threat intelligence reports for internal and external stakeholders. You will learn how to convey complex technical information in a clear and

actionable manner.

5. SOP Development: Collaborate with the team to develop and refine Standard Operating Procedures (SOPs) for systematic threat analysis. Your input will help ensure that our procedures are efficient and scalable.

6. Cross-functional Collaboration: Work closely with various teams, including product development and data acquisition, to support the integration of new intelligence sources and improve the effectiveness of our threat intelligence platform.

Key Qualifications:

Educational Background: Completed a degree in Cybersecurity, Computer Science, Information Technology, or a related field.

Basic Knowledge of Cybersecurity: A foundational understanding of cybersecurity concepts, including web application security, threat analysis, and vulnerability assessment.

Familiarity with OSINT: Basic knowledge of Open Source Intelligence (OSINT) tools and methodologies for data collection.

Technical Skills: Familiarity with scripting languages such as Python, Ruby, or GO is a plus.

Experience with automation and data analysis tools will be advantageous.

Communication Skills: Strong written and verbal communication skills, with the ability to learn how to convey technical findings effectively.

Problem-Solving and Adaptability: A proactive attitude with strong problem-solving skills. You should be comfortable learning in a fast-paced and dynamic environment.

Additional Skills:

Interest in Cybersecurity Challenges: Participation in bug bounty programs, Capture The Flag (CTF) challenges, or cybersecurity competitions is a plus.

Willingness to Learn: A keen interest in developing skills in threat intelligence, threat actor profiling, and behavioral analysis.

We are seeking a Security Program Manager to effectively drive Privacy & Security Programs in collaboration with cross functional teams. You will partner with engineering leadership, product management and development teams to deliver more secure products.

Roles & Responsibilities:

• Work with multiple stakeholders across various departments such as IT, Engineering, Business, Legal, Finance etc to implement controls defined in policies and processes.
• Manage projects with security and audit requirements with internal and external teams and serve as a liaison among all stakeholders.
• Managing penetration tests and security reviews for core applications and APIs.
• Identify, create and guide on privacy and security requirements considering applicable Data Protection Laws and implement them across software modules developed at Netmeds.
• Brainstorm with engineering teams to figure out how privacy and security controls can be applied to Netmeds tech stack.
• Coordination with Infra Teams and Dev Teams on DB and application hardening, standardization of server images / containerization.
• Assess vendors' security posture before onboarding them and after they qualify, review their security posture at a set frequency.
• Manage auditors and ensure compliance for ISO 27001 and other data privacy audits.
• Answer questions or resolve issues reported by the external security researchers & bug bounty hunters.
• Investigate privacy breaches.
• Educate employees on data privacy & security.
• Prioritize security requirements based on their severity of impact and product roadmap.
• Maintain a balance of security and business values across the organisation.

 Required Skills:

• Web Application Security, Mobile Application Security, Web Application Firewall, DAST, SAST, Cloud Security (AWS), Docker Security, Manual Penetration Testing.
• Good hands-on experience in handling tools such as vulnerability scanners, Burp suite, patch management, web filtering & WAF.

• Familiar with cloud hosting technologies (ex. AWS, Azure). Understanding of IAM, RBAC, NACLs, and KMS.

• Experience in Log Management, Security Event Correlation, SIEM.
• Must have strong interpersonal skills and should be able to communicate complex ideas seamlessly in written and verbal communication.

Good to Have Skills:

• Online Fraud Prevention.
• Bug Bounty experience.
• Security Operations Center (SOC) management.
• Experience with Amazon AWS services (EC2, S3, VPC, RDS, Cloud watch).
• Experience / Knowledge on tools like Fortify and Nessus.
• Experience in handling logging tools on docker container images (ex. Fluentd).