Specialist - CyberSecurity @ Ltimindtree

Vulnerabilitiy Project Manager Year of experience 7-9 years Role summary 1 Manage and supervise in ServiceNow the identification and qualification of Cyber vulnerabilities for INFRA Validation of the correct compliance of vulnerability scans and reports Qualification of the appropriates everity level versus Asset criticality CVS Setc and false positives in SNOW Verification of correct assignment Quality control of there mediation proposed by the CYBER teams 2 Ensure communication With the IT owners and for critical and high vulnerabilities. The actions plan must beexplain edandtherightte chnicalsupport shall be provided sothat there mediation shappenona dulymannerand time With the other technical domains belonging to ITHIndian TechHub as well as with the other zones EuropeAmericaAsia and the business domains Operations Finance Retail Research Innovation Corporate 3 Improve the process By attending biweekly meetings with the Cyber security teams aiming at improving the KPIs false positive identification remediation plan improvement Key Responsibilities The Cyber Service Delivery team is expanding to support the INFRASTRUCTURE teams in Cyber vulnerability remediation specifically for Defining and implementing a common process across all zones and IT organizations Verifying the quality level of scan results and vulnerability reports provided by the Cyber teams Identifying false positives Reviewing and qualifying vulnerabilities in SNOW ServiceNow Conducting periodic meetings aimed at continuous improvement and automation Communicating to the business the risks associated with vulnerabilities and the importance of an appropriate quantified and planned action plan Training engineers within the LOral Beauty tech team in India Monitoring Vulnerability activities through a dashboard

Drafting a monthly newsletter

Presenting topics related to INFRA vulnerabilities at the quarterly Operational Security Committee

Key Competency

Significant experience in conducting DR Disaster Recovery tests in a Cloud environment Azure AWS AlibabaCloud GCP etc would be a significant asset

Active and growing participation in SECOPS activities vulnerability monitoring noncompliance audit recommendations within a clearly defined scope zone and IT organization identified prior to the assignment

Active and growing participation in AUDIT PENTEST activities with a participation to the auditpentestpreparation as well as to the remediations plan definition and execution following the auditors recommandations.