Home
Communities
Companies
- Companies
  
  Discover best places to work
- Compare Companies
  
  Compare & find best workplace
- Add Office Photos
  
  Bring your workplace to life
- Add Company Benefits
  
  Highlight your company's perks
Reviews
- Company reviews
  
  Read reviews for 6L+ companies
- Write a review
  
  Rate your former or current company
Salaries
- Browse salaries
  
  Discover salaries for 6L+ companies
- Salary calculator
  
  Calculate your take home salary
- Are you paid fairly?
  
  Check your market value
- Share your salary
  
  Help other jobseekers
Interviews
- Company interviews
  
  Read interviews for 40K+ companies
- Campus placements
  
  Interviews questions for 1K+ colleges
- Share interview questions
  
  Contribute your interview questions
Jobs
Awards

RATE NOW!
- ABECA 2025
  
  RATE NOW!
  
  AmbitionBox Employee Choice Awards - 4th Edition
- ABECA 2024
  
  AmbitionBox Employee Choice Awards - 3rd Edition
- AmbitionBox Best Places to Work 2022
  
  2nd Edition
- AmbitionBox Best Places to Work 2021
  
  1st Edition

Add office photos

Employer? Claim Account for FREE

Triton Group

Compare

3.8

based on 17 Reviews

16 Triton Group Jobs

Senior Security Analyst - Vulnerability Management

TriNet Group, Inc

3.8

based on 17 Reviews

5-10 years

Hyderabad / Secunderabad

1 vacancy

Senior Security Analyst - Vulnerability Management

Triton Group

posted 1d ago

Job Role Insights

Fixed timing

Key skills for the job

Data Analysis Python Consulting PLSQL Information Security IT Operations Management

+ 3 more

Job Description

The Senior Vulnerability Management Analyst performs security assessments of container images and application platform code within the enterprise environment and identifies where the container images and code deviate from acceptable configurations and/or policies and standards.

You will work in collaboration with Cyber Defense, Risk, Product Security, and Application Engineering teams to drive vulnerability remediation across the enterprise environment and visualize vulnerability risk and performance metrics to executive leadership.

ESSENTIAL DUTIES/RESPONSIBILITIES

Perform technical (evaluation of technology) and nontechnical (evaluation of people and operations) risk and vulnerability assessments of relevant technology focus areas.
Exhibit good understanding of vulnerability validation, re-production, remedy advice and vulnerability research skills.
Prepare reports that identify technical and procedural findings and provide recommended remediation strategies/solutions.
Engage with various internal teams to conduct holistic response management on identified vulnerabilities and the remediation efforts.
Articulate likelihood of exploitation and impact to IT leaders with the proven ability to convey the urgency and need to remediate vulnerabilities commensurate with the risk they present.
Maintain knowledge of applicable cyber defense policies, regulations, and compliance documents specifically related to cyber defense.

JOB REQUIREMENTS AND QUALIFICATIONS
Education:
Bachelors degree from an accredited college or university, or equivalent experience. A degree in Computer Science, Computer/Data Systems Management or a related field or discipline is preferred but not required.

Training Requirements (licenses, programs, or certificates): One or more of the following desired but not required

ISC(2) Certified Information Security Services Professional (CISSP
Burp Suite Certified Practitioner
Certified Application Security Engineer (CASE)

Experience:

5+ years related experience in Engineering/IT Operations, Security Operations, Vulnerability Management, DevSecOps, and/or Incident Response in large enterprise environments.
Hands-on experience with Prisma Cloud, ServiceNow Application Vulnerability Response, Jira, Invicti, SonarQube.
Hands-on experience with cloud infrastructure providers such as OCI and AWS.

Other Knowledge, Skills and Abilities:

Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
Skill in communicating complex technical information to an executive audience.
Skill in utilizing Python for data analysis.
Skill in conducting vulnerability scans and recognizing vulnerabilities in complex systems.
Skill in how to write and tune behavioral rules in Invicti and SonarQube.
Skill in conducting application vulnerability assessments.
Skill in recognizing, assessing, and understanding cloud container vulnerabilities.
Knowledge and understanding of the Agile Scrum framework.

WORK ENVIRONMENT/OTHER INFORMATION (Travel required, physical requirements, on-call schedules, etc.)

Minimal travel required
Work in a clean, pleasant, and comfortable office setting
This role requires daily on-site presence at our Hyderabad office to collaborate with team members and participate in in-person meetings.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This position is 100% in office.

Employment Type: Full Time, Permanent

Read full job description