Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
- Gratuity calculator
  
  Check your gratuity amount
- HRA calculator
  
  Check how much of your HRA is tax-free
- Salary hike calculator
  
  Check your salary hike
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 2K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

WINNERS AWAITED!
- ABECA 2025
  
  WINNERS AWAITED!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

For Employers

Add office photos

Premium Employer

Blue Yonder

Compare

3.9

based on 519 Reviews

87 Blue Yonder Jobs

Infrastructure Vulnerability Consultant - (Cloud Security CSPM)

JDA Software

3.9

based on 519 Reviews

6-8 years

Bangalore / Bengaluru

1 vacancy

Infrastructure Vulnerability Consultant - (Cloud Security CSPM)

Blue Yonder

posted 5mon ago

Job Role Insights

Flexible timing

Key skills for the job

Computer Science Customer Service Automation Testing Information Technology Microsoft Power BI Information Security

+ 4 more

Job Description

Core responsibilities include assessing and promoting remediation for all the assets in the Infrastructure as a Service (IaaS) and Software as a Service (Saas).
The candidate will be a key member of the centralized information security team.

What you ll do:

Perform vulnerability scans and report findings for On-prem and Cloud networks.
Proficiency in automation or scripting .
Publish the vulnerability status reports to senior management and track remediation.
Define and participate in the implementation of On-prem and Cloud architecture and security controls.
Proactive identification of threats and risk remediation.
Discover the assets in the cloud infrastructure to identify and continuously monitor for security vulnerabilities and misconfigurations.
Discover and continuously monitor for vulnerabilities in cloud workloads including dockers, Kubernetes, and containers.
Create golden images for virtual machines, dockers and containers to be spun up for the business.
Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
Upgrade security systems by monitoring the security environment; identifying security gaps; and evaluating and implementing enhancements.
Participate in and assist with the incident response team, as appropriate.
Generate metrics for the Management as needed.
Prepare system security reports by collecting, analyzing, and summarizing data and trends.

What we are looking for:

6+ years of proven experience in Information security or Vulnerability Management and at least 3-5 years of experience in Cloud security; a Master s degree can be substituted for experience.
Proven experience in automation or scripting.
Extensive experience in public cloud infrastructure such as Microsoft, Google, or AWS.
Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials.
Bachelor s degree in information security or Information Technology or Computer Science or related fields or from STEM
Deep and diverse experience architecting and implementing network security designs. Expert in network security, system security and endpoint security.
Through understanding security vulnerabilities and misconfigurations in the cloud infrastructure.
Thorough understanding of native cloud solutions like dockers, containers, Kubernetes, VDIs, cloud storage, cloud infrastructure, etc.
Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
Proven experience in cloud security posture management tools like Microsoft Defender, Wiz, Tenable, Aqua Security, Prisma Cloud, Lacework, Scribe Security, etc.
Proven experience with products dealing with vulnerability management services which include Retina, Qualys, Nessus, Nexpose, etc.
Practical experience with the development, implementation, and management of security-related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).
Excellent customer service including strong written and oral communication skills.
Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
Demonstrated understanding of information security concepts, standards, and practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
Certifications such as CCSK, CCSP, GCSA, Microsoft Certified Azure Security Engineer Associate, CISSP or equivalent.
Results-focused and attention to detail.