Specialist- Vulnerability Management
Ujjivan Small Finance Bank · Bengaluru, Karnataka, India
Ujjivan Small Finance Bank · Bengaluru, Karnataka, India
**Job Title:** **Specialist – Vulnerability Management (Infrastructure Security)** **Experience:** - Total Experience: Not more than 5 years - Relevant/Core Experience: 2–4 years in Vulnerability Management / Infrastructure Security **Role Overview:** We are looking for a skilled Vulnerability Management professional with strong hands-on experience in infrastructure security (servers, databases, network devices, and security systems). The role demands a 70% technical focus and 30% reporting & coordination, ensuring end-to-end vulnerability lifecycle management—from identification to remediation and closure. **Key Responsibilities:** **1. Vulnerability Assessment & Analysis** - Perform vulnerability scans across servers, databases, network devices, and security appliances - Use tools like Qualys, Nessus for automated scanning and validation - Conduct manual validation for false positives and configuration weaknesses - Prioritize vulnerabilities based on CVSS, risk impact, and business criticality **2. Remediation & System Hardening** - Drive remediation activities with IT Infra, application, and platform teams - Provide remediation guidance, patch advisory, and system hardening recommendations - Track remediation SLAs and ensure closure within defined timelines - Perform verification scans and validate closure of vulnerabilities **3. Reporting & Governance** - Prepare vulnerability reports, dashboards, and metrics for management review - Publish periodic reports (weekly/monthly) with status, trends, etc. - Highlight critical risks, overdue items, and escalation points - Support audits, compliance reviews, and regulatory requirements **Required Skills & Qualifications:** **Technical Skills:** - Strong understanding of Infrastructure Security (OS, DB, Network, Security devices) - Hands-on experience in Qualys / Nessus / similar vulnerability scanners - Knowledge of patch management, system hardening, and secure configurations - Familiarity with CVSS, OWASP Top 10, SANS Top 25 frameworks **Other Skills:** - Strong analytical and problem-solving skills - Ability to work with cross-functional teams - Good communication and reporting skills **Preferred Qualifications:** - Certifications like CEH, Security+, or equivalent (optional)