Vulnerability Analyst (AWS/Kubernetes)

Responsibilities

Provide vulnerability management and secure configuration baseline management oversight and governance for Infosys VM/SCM programs. Adjudicate risk-acceptance ("exception") requests and false positive requests, review VM metrics, shape and govern based on trends being presented to us by Infosys

Qualifications

Looking for strong AWS experience and security experience - Vulnerability Management, Security Assurance, Cloud Security Engineering, or DevSecOps

1. Working knowledge of security risk oversight, CVSS (Common Vulnerability Scoring System), CVE (Common Vulnerabilities and Exposures), and technical security vulnerability remediation/mitigation

2. Practical experience analyzing cloud infrastructure vulnerability data to understand and communicate risks, concerns and outcomes of decisions

3. Extensive experience working with AWS EC2s (or Azure VMs), as well as Container (Kubernetes / EKS) and image security scanning

4. Preferred knowledge of cloud infrastructure hardening – such as validating EC2 Operating Systems against CIS benchmarks, or detecting security misconfigurations with EKS deployments