Job Description

Business Function

Technology and Operations (T&O) enables and empowers the bank with an efficient, nimble and resilient infrastructure through a strategic focus on productivity, quality & control, technology, people capability and innovation. In Group T&O, we manage the majority of the Bank's operational processes and aspire to delight our business partners through our multiple banking delivery channels.


Job Purpose

Vulnerability Management is responsible for identifying, assessing, prioritizing, and tracking remediation of security vulnerabilities across operating systems, networks, middleware, endpoints, external perimeter, and containerized environments. The role requires hands-on experience with Rapid7 vulnerability management tools, system hardening, segmentation testing, and alignment with regulatory and compliance requirements.


Job Duties & Responsibilities

Vulnerability Assessment & Management

Conduct regular vulnerability scans on:

  • Operating systems (Windows, Linux, Unix)
  • Network devices (firewalls, routers, switches)
  • Middleware and databases
  • Endpoints and servers
  • External / internet-facing assets

  • Perform authenticated and unauthenticated scans and validate scan results.
  • Execute external vulnerability assessments (VA) and exposure analysis.
  • Support network segmentation penetration testing and validation.

Hardening & Secure Configuration

  • Review systems against CIS benchmarks and vendor hardening standards.
  • Perform post-remediation validation scans.
  • Validate secure configuration and patch compliance.
  • Coordinate with infrastructure, network, and application teams for vulnerability remediation.

Container & Cloud Vulnerability Scanning

  • Conduct container image and runtime vulnerability scanning.
  • Identify vulnerabilities in Docker and Kubernetes environments.
  • Support vulnerability assessment of cloud workloads (AWS / Azure / GCP).

Risk Analysis & Reporting

  • Analyze vulnerabilities using CVSS scoring, exploitability, and business impact.
  • Prepare vulnerability reports, dashboards, and SLA tracking metrics.
  • Track remediation status and escalate overdue or high-risk vulnerabilities.

Compliance & Audit Support

Ensure vulnerability management aligns with:

  • RBI Cybersecurity Framework
  • ISO 27001
  • PCI DSS
  • NIST / CIS Controls

  • Support internal and external audits by providing evidence, reports, and remediation status.


Core Competencies

Strong knowledge of:

  • OS, Network, Middleware, and Endpoint security
  • Vulnerability scanning and management lifecycle
  • Patch management and system hardening
  • Network segmentation concepts

  • Understanding of TCP/IP, ports, protocols, and common attack vectors.
  • Effective communication, documentation, and report-writing skills
  • Ability to consult on and validate solutions that mitigate risks to business and systems


Technical Competencies

  • VAPT - Rapid7, Nessus, Metasploit, QualysGuard, Qualys / Tenable (Nessus), Nmap, CIS-CAT
  • Container scanning tools (Trivy, Aqua, Prisma Cloud – exposure acceptable)
  • Technical working knowledge (WAF, HIDS, IPS, Firewall, Networking)


Required Experience

  • 5–7 years of experience in Vulnerability Management / Cyber Security Operations
  • Experience in enterprise or BFSI environments preferred
  • Familiarity with regulatory and audit requirements
  • Certifications (preferred but not mandatory): CEH, Security+, CISSP (or pursuing)


Education / Preferred Qualifications

  • Graduation: BE IT/Computers/Electronics, B.Sc - Computers, M.Sc - Computers
  • Post-Graduation: PGDIT, MCA, MBA
