Vulnerability Management Technical Lead

Company Description About Sopra Steria Sopra Steria a major Tech player in Europe with 50 000 employees in nearly 30 countries is recognised for its consulting digital services and solutions It helps its clients drive their digital transformation and obtain tangible and sustainable benefits The Group provides end-to-end solutions to make large companies and organisations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a collaborative approach Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all In 2024 the Group generated revenues of EUR5 8 billion The world is how we shape it Experience 4 to 8 yrs Location BLR Engineering Graduate - preferably B E B tech in I T or Computer Engineering Key Responsibility Ensure that Rapid7 is fully and effectively implemented across the relevant areas Assist with the design implementation and optimization of automated tagging workflows in Rapid7 InsightVM to support dynamic asset grouping risk prioritization and targeted remediation efforts Build new and refine optimize existing InsightVM dashboards and reports to provide efficient and actionable insights in order to prioritize and optimize a suitable remediation plan patching misconfigurations and so forth Integrate Rapid7 with external systems e g CMDB ticketing platforms like Cherwell and ServiceNow when implemented in the future to ensure enrichment and accurate asset context and automated remediation ticket creation Collaborate with IT Infrastructure and Support teams to ensure proper asset discovery and tracking in order to reduce false positives and orphaned assets This also includes identifying new assets that need enrollment in InsightVM additional systems endpoints network devices etc Implement and support scan scheduling and tuning for better and broader vulnerability coverage across IT infrastructure Assist in risk acceptance workflows ensuring proper documentation and time-bound exceptions within the Rapid7 InsightVM platform Troubleshoot scan issues tagging failures and data synchronization problems across integrated platforms Drive process improvements by identifying gaps in the current vulnerability management workflow and recommending automation or policy changes Deliver clear and concise security reports and presentations to stakeholders at all levels of the organisation Provide training and guidance to staff on information security best practices Align vulnerability management practices with the following standards ISO IEC 27001 NIST Cybersecurity Framework CIS Critical Security Controls version 8 particularly Control 7 Vulnerability Management NIS2 Extend the scanning scope to include additional systems endpoints or networks as appropriate Define and support the implementation of a structured process for tracking and remediating identified vulnerabilities Optimize our monthly reporting capabilities including Clear and actionable KPIs and metrics e g remediation timelines risk levels prioritization Management-level summary reports Detailed technical reports for operational use Provide guidance on what systems should be in scope and out of scope based on risk assessment and business impact Total Experience Expected 06-08 years Qualifications Qualification Experience Bachelor degree or Masters in Computer Science Engineering or related field Advanced degrees or certifications are preferred Having 5 years of experience in information security specifically in end-to-end vulnerability management with 2-3 years hands on Rapid7 experience Strong analytical skills and experience with security information and event management SIEM tools Relevant technical certifications will be an added advantage Excellent reporting and presentation skills with the ability to communicate complex security concepts to non technical stakeholders Knowledge of current cybersecurity trends threats and techniques as well as an understanding of regulatory requirements Ability to work independently and collaboratively in a fast-paced environment Good interpersonal and communication skills works effectively as a team player French German Danish language knowledge will be an added advantage Additional Information Ready to work at client site in Bengaluru as per the support hours At our organization we are committed to fighting against all forms of discrimination We foster a work environment that is inclusive and respectful of all differences All of our positions are open to people with disabilities