Job Summary

Ability to work with very large and complex network.\r\n• Self-motivated individual and creative thinker who will take ownership of tasks and projects, able to work with the team, and manages tasks effectively and has a proven track record of consist and organized outputs. \r\n• The ideal candidate will demonstrate an eagerness to understand complex problems and requirements, an aptitude for translating these problems into workable designs and solutions, and will possess a keen eye for detail.\r\n HCL CSFC provides a superior foundation for building a professional career - a place for people to learn, to achieve and grow. A philosophy that balances personal lifestyles, perspectives and needs is an important part of our culture.\r\nCSFC Noida is looking for an experienced Vulnerability and Penetration testing Management professional candidate to join its team.\r\n

This role is accountable for driving operational excellence and continuous improvement across vulnerability assessment and penetration testing (VAPT) services utilizing Nessus and related security tools. The individual ensures robust service delivery for complex environments, aligns operations to client SLAs, and empowers teams through expert guidance and process innovation to enhance organizational security posture.

Key Responsibilities

1. Lead and optimize VAPT operations by utilizing Nessus and related vulnerability management tools to ensure continuous improvement in threat detection and mitigation processes.
2. Oversee the execution of complex vulnerability assessments and penetration tests, ensuring accurate reporting and remediation guidance in line with client requirements and industry best practices.
3. Provide expert technical direction and mentorship to the VAPT operations team in the use of Nessus, Metasploit, and other security tools for advanced vulnerability management.
4. Develop and implement advanced operational workflows and reporting mechanisms using Nessus and SIEM platforms to improve information flow, incident response, and management reporting.
5. Innovate and introduce process enhancements in VAPT operations leveraging automation and integration between Nessus and ticketing or orchestration platforms.
6. Drive transparent communication of project goals, security findings, and operational metrics to internal teams and clients, ensuring alignment and service excellence.
7. Solve complex security operations challenges by designing tailored solutions with Nessus and VAPT methodologies that address unique client environments and business objectives.

Skill Requirements

Skills Required 4+ years’ for L2 8+ years for L3: Hands-on experience in 2 or more of the Vuln Assessment tools and Vuln. Lifecycle management\r\n• Tools: QualysGuard, Nessus, Rapid 7, InsightVM, Balbix, RiskSense, IBM APP Scan, Meta Sploit, Burp suite. VM Tool – Tenable experience is mandatory\r\n• Experience in Vulnerability Assessment and large scale security operations.\r\n• Responsible to maintain and enhance the daily operations of Security team providing 24/7 security support.\r\n• Responsible for Incident Validation, Incident Analysis, Solution Recommendation, Escalation resolution, Maintain Knowledge base, Patch implementation.\r\n• Responsible for closing incidents/reports.\r\n• Taking ownership and accountability of issue escalation from clients.\r\n• Continuous monitoring of vulnerability trends and metrics to assess the impact to platform and applications Security assurance (VM + Policy compliance scan + PT)\r\n• Development, revision, and maintenance of Standard Operating Procedures and other Operational Documents\r\n

1. Advanced Skills In Managing Security Operations And Incident Response For LargeScale Environments.
2. InDepth Knowledge Of Security Tools Such As Metasploit, Burp Suite, And Siem Platforms.
3. Excellent Ability To Design, Implement, And Optimize Vapt Operational Processes And Reporting.
4. Strong Understanding Of Security Frameworks, Compliance Standards, And Risk Management Practices.
5. Excellent Communication, Leadership, And Mentoring Abilities Within Security Operations Teams.

Other Requirements

Shall have good verbal/written communication skills\r\n• Should be willing to work in 24x7 environments\r\n• From time to time travel opportunities may be assigned\r\n• Incumbent should carry continual system improvement mindset and able to demonstrate in work.\r\n• Client facing technical analysis report and presentation skills\r\n

1. Recommended: Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), or Tenable Certified Nessus Auditor (TCNA).
2. Certifications are optional but valuable for this role