VAPT Administrator

#Free Post

Designation: Vulnerability Management Administrator
Qualification: B. tech, B.sc, BCA, Diploma in IT Background
Location: Mumbai
Experience: 3+ years of experience
Mandatory skills: Vulnerability Management, Penetration Testing, VAPT Report

Key Responsibilities:

1. Timely Remediation of Vulnerabilities:

• Ensure all vulnerabilities identified through internal assessments or reported by MetLife are remediated within the defined Service Level Agreements (SLAs) and turnaround times (TAT).
• Adhere strictly to regulatory timelines as mandated by the Insurance Regulatory and Development Authority of India (IRDAI), thereby maintaining full compliance with applicable cybersecurity regulations and standards.

2. Escalation of High-Severity Risks:

• Immediately notify the PMLI Information Security (InfoSec) team of any critical or high-severity vulnerabilities that cannot be resolved within the stipulated timeframes.
• Provide justifications, risk acceptance documentation, and alternative mitigation plans, if applicable, to ensure risk visibility and informed decision-making.

3. Cross-Functional Collaboration:

• Proactively coordinate with internal IT teams, external vendors, application owners, and other relevant stakeholders to drive remediation activities.
• Foster a collaborative environment to overcome technical and logistical barriers, ensuring efficient and timely closure of identified vulnerabilities.

4. Regular Stakeholder Engagement:

• Participate in weekly coordination meetings with vendor partners and other key stakeholders to review current vulnerability findings, discuss remediation status, and plan upcoming activities.
• Maintain open channels of communication to ensure alignment across teams and avoid delays in vulnerability management.

5. Reporting and Documentation:

• Prepare and distribute detailed Vulnerability Assessment and Penetration Testing (VAPT) reports on a monthly basis.
• Reports should include a summary of findings, risk ratings, remediation status, trend analysis, and compliance tracking.
• Ensure that reports are delivered to the InfoSec team and IT leadership in a timely manner, providing them with the necessary insights for informed risk management and strategic planning.

Job Type: Full-time

Benefits:

• Health insurance
• Provident Fund

Work Location: In person