REF2+0+4W | Vulnerability Assessment | 7| years| Group Manager | Information|

Company Description

WNS (Holdings) Limited (NYSE: WNS), is a leading Business Process Management (BPM) company. We combine our deep industry knowledge with technology and analytics expertise to co-create innovative, digital-led transformational solutions with clients across 10 industries. We enable businesses in Travel, Insurance, Banking and Financial Services, Manufacturing, Retail and Consumer Packaged Goods, Shipping and Logistics, Healthcare, and Utilities to re-imagine their digital future and transform their outcomes with operational excellence.

We deliver an entire spectrum of BPM services in finance and accounting, procurement, customer interaction services and human resources leveraging collaborative models that are tailored to address the unique business challenges of each client. We co-create and execute the future vision of 400+ clients with the help of our 44,000+ employees. Our global footprint spans 16 countries with 61 delivery centers worldwide including in China Costa Rica, India, the Philippines, Poland, Romania, South Africa, Spain, Sri Lanka, Turkey, United Kingdom and the United States.

Job Description
• 7+ years of experience
• Strong knowledge and experience of using and managing Vulnerability scanning and remediation tools - Qualys and Nessus
• Should be able to manage Vulnerability Management platform independently and work along with IT and other functions to help remediate identified vulnerabilities.
• Should have completed training modules and certifications by Qualys
• Should be able to work on vulnerability prioritization for patch remediation with respective asset owners
• Should be able to classify and prioritize the risk of all vulnerabilities taking into consideration mitigating factors and impacts of internal and external threats
• Deliver regular compliance reports to leadership on identified, prioritized and remediated vulnerabilities
• Knowledge of information security hardening guidelines such as CIS, NIST, PCI DSS etc.
• Should have knowledge of security technologies for databases, networks, servers and workstations along with knowledge of cloud security from vulnerability management perspective
• Having Application Security Testing skills (Web, API, Thick Client & Mobile) would be advantage
• Good Understanding of OWASP Top 10 and mitigation techniques.

Qualifications

Bachelor’s degree in Engineering

Certifications:

Certified Ethical Hacker (CEH),

Qualys training modules and certifications

CompTIA Security+,
• CISM / CISA / CISSP would be an advantage