Role:Security Delivery Specialist
Level:9
Location:Bengaluru, Hyderabad, Chennai, Pune, Mumbai, Delhi
Experience:8+ Years
Main Skill: Infrastructure Vulnerability management (Qualys / Nessus) / Cloud Security posture Management (CSPM)
Position
Summary
We are seeking an experienced candidate to oversee the Accenture's infrastructure Tool Operations - vulnerability management as part of the IS Tools and Operations team and cloud security posture management (CSPM).
This role involves managing the operational processes that identify, assess, and mitigate vulnerabilities across Accenture IT infrastructure and cloud environments. You will be responsible for ensuring that our Vulnerability and compliance posture is in line with industry best practices, regulatory requirements, and organizational policies.
As a Specialist you will work closely with cross-functional teams, including other security teams, IT teams, DevOps, and engineering, to ensure that both cloud and on-prem infrastructure vulnerabilities are identified and addressed in a timely manner. Your role will be critical in enhancing the security and compliance posture of our cloud environments, including AWS, Azure, and Google Cloud.
Key Responsibilities:
Infrastructure Vulnerability Management:
Oversee the identification, assessment, and remediation of vulnerabilities in cloud and on-prem infrastructure using industry-leading vulnerability scanning tools.Prepare and deliver compliance reports to management, detailing the organization's compliance status and areas for improvementDevelop and maintain infrastructure vulnerability management processes and operations, ensuring continuous improvement and alignment with best practices.Oversee the Compliance reporting with various vulnerability management and other cyber security tools and provide the periodic updates to the senior managementSupport Business on remediation queries on Vulnerability and ComplianceWork closely with DevOps, engineering, and other technical teams to respond and remediate the infrastructure and cloud vulnerabilities and reduce the risk to AccentureSupport Business on remediation queries on Vulnerability and Compliance within specified timelinesPerform periodic internal reviews of operating procedures and share outcome/ identify improvementsOversee and Hands-on for cloud and other On Prem IT infrastructure vulnerability remediation using industry leading vulnerability scanning tools.Perform advanced troubleshooting and analysis of scan results (Qualys, Nessus) including false positives/negatives, to ensure accurate reportingUtilize Qualys, Nessus, and other vulnerability scanning tools to conduct regular vulnerability assessments on servers, networks, endpoints, and applicationsCloud Security Posture Management:
Oversight the vulnerability management program for cloud environments using security posture management to continuously assess and enhance the security posture of cloud environments (AWS, Azure, Google Cloud)Leverage tools like CSPM (Cloud Security Posture Management) solutions to monitor and improve security posture across cloud platformsCollaborate with cloud architects and engineers to ensure that cloud infrastructure is secure, compliant, and follows security best practicesReporting & Metrics:
Create and maintain dashboards to provide visibility into the vulnerability management program and cloud security posture.Track and report on progress, risks, and compliance reporting related to vulnerability management and cloud security posture.Periodic operational reporting to senior management. (weekly / Monthly / quarterly)Continuous improvements into the existing internal operational processes and reporting the same to senior managementReview and update/create SOP's and identify improvement areas for existing processesTeam Leadership & Development:
Lead and mentor a team of security analysts, providing guidance on vulnerability management and cloud security best practices.Foster a culture of continuous learning and development within the team.Ensure that team members stay up to date with the latest vulnerability scanning tools, cloud security threats, trends, and technologies.Influence training plans to align with company goalsTechnical Skills:
Strong knowledge on cyber security basics (OS level Security, protocols etc)Comprehensive understanding of security principles, techniques, and technologiesExperience with Cyber security / cloud security frameworks and standards (e.g., CIS benchmark, ISO 27001, NIST) and cloud native security tools.Experience with Cloud Security Posture Management (CSPM) tools like Prisma cloud, checkpoint or similar.Knowledge of network security, firewalls, access controls, and encryption technologies. Deeper understanding of patching/ vulnerability remediation and tools such as Firemon, MFNA etc.Proficiency in vulnerability assessment and management methodologies and tools such as Qualys, tenable, EDR, Splunk etc. Experience in one or more information security technologies like Vulnerability Management, Server Configuration Compliance, Patch Management, Information Security Standards for OS and ApplicationsSoft Skills:
Excellent communication and presentation skills, with the ability to explain complex security concepts to both technical and non-technical stakeholders.Strong problem-solving skills, with a focus on driving solutions and improvements.Ability to lead and collaborate in a cross-functional environment.Strong organizational skills, with the ability to manage multiple projects and deadlines.Good to Have Skills:
Knowledge/Certifications on Containers (AKS or EKS or GKE)Scripting knowledge (Python/Powershell/Bash)Knowledge on ITIL processesKnowledge on ISO 27K processes and controlsPreferred
Qualifications:
Relevant cyber security and cloud security tools certifications or CISSP, CCSK, AWS Certified Security Specialty, CSPM Prisma cert or equivalent are highly desirable.Bachelor's degree in cyber security, Information Technology, or a related field.Experience with automation tools (e.g., Terraform, Ansible, etc.) to enforce security policies in cloud environments.Experience in risk management and compliance frameworks (e.g., SOC 2, ISO 27001, NIST).
Qualifications
Preferred
Qualifications:
Relevant cyber security and cloud security tools certifications or CISSP, CCSK, AWS Certified Security Specialty, CSPM Prisma cert or equivalent are highly desirable.Bachelors degree in cyber security, Information Technology, or a related field.Experience with automation tools (e.g., Terraform, Ansible, etc.) to enforce security policies in cloud environments.Experience in risk management and compliance frameworks (e.g., SOC 2, ISO 27001, NIST). Employment Type: Full Time, Permanent
Read full job description