Vulnerability Management & Compliance Specialist

Get To Know Us First!

Interface.ai provides an Intelligent Virtual Assistant (IVA) to FIs to automate calls and customer inquiries across multiple channels and engage their customers with financial insights and upsell/cross-sell. Our IVA is transforming financial institutions’ call centers from a cost to a revenue center.

Our core technology is built 100% in-house with several breakthroughs in Natural Language Understanding. Our parser is built based on zero-shot learning that helps us to launch industry-specific IVA that can achieve over 90% accuracy on Day-1. We are 160+ people strong with employees spread across India and US locations. Many of them come from ML teams at Apple, Microsoft and Salesforce in the US along with enterprise architects with over 20+ years of experience building large-scale systems. Our India team consists of people from ISB, IIMs and many who have been previous part of early-stage startups. We have grown 1800% in the last one year.  Founders come from Banking and Enterprise Technology backgrounds with previous experience scaling companies from scratch to $50M+ in revenues. We have grown 1800% in the last one year & are in the top 100 fastest-growing Fintech in Silicon Valley. We are a fully remote team

Careers - https://interface.ai/open-positions

LinkedIn - https://www.linkedin.com/company/interface-ai/

Do You Make the Cut?

Vulnerability Management & Compliance Specialist with hands on experience managing application and infrastructure vulnerabilities on AWS environments, patch management, vulnerability assessments, and internal Penetration Testing. The ideal candidate will have 5-8 years of experience in vulnerability management processes, ensuring proactive identification, reporting, remediation of security risks across our infrastructure and maintaining compliance standards. This role will be key in safeguarding our environment and aligning with industry best practices.

Department: Security & Compliance

Experience: 5-8 years

Responsibilities:

Infrastructure Security:

• Conduct periodic vulnerability scanning, risk assessment, and remediation in AWS cloud environments.
• Leverage AWS services (Security Hub, Inspector, etc.) to maintain a secure cloud infrastructure.
• Conduct periodic Penetration Testing on the defined scope by Engineering Teams
• Identify, document, and prioritize vulnerabilities using industry standard tools.
• Coordinate with cross functional teams to ensure timely remediation of security issues.
• Manage and implement patch management strategies for cloud (AWS)
• Monitor and apply security patches, bug fixes, and updates across all environments.
• Maintain compliance with security patch policies and regulatory requirements.
• Ensure security best practices are followed for cloud services and virtualized workloads.

Risk Assessment and Reporting

• Analyze vulnerability scan results, categorize risks, and produce detailed reports for management.
• Collaborate with internal stakeholders to communicate vulnerabilities, risks, and mitigations.
• Propose solutions for identified vulnerabilities and ensure effective implementation.

Incident Management:

• Assist in investigating and responding to security incidents related to vulnerabilities and patching.
• Participate in post incident analysis and suggest improvements for future prevention.

 Compliance and Best Practices:

• Ensure all systems meet internal and external compliance requirements (e.g., SOC2, PCI DSS, GLBA).
• Stay updated with security trends, vulnerabilities, patches, and regulatory requirements.
• Enforce security policies and guidelines for vulnerability and patch management.

 Key Requirements:

 Experience:

• 5-8 years of experience in vulnerability management, patch management, and Penetration testing.
• Proven experience with AWS cloud security tools and services.
• Strong understanding of vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS).
• Experience with AWS security services (e.g., AWS Security Hub, AWS Inspector).
• Hands-on experience with patch management tools (e.g., Manage Engine).
• Experience in compliance, with a focus on SOC 2, PCI DSS, ISO 27001, and GLBA.

 Certifications (Preferred):

• AWS Certified Security – Specialty or equivalent.
• CompTIA Security+, CEH (Certified Ethical Hacker)

Benefits

• Remote First Policy
• Comprehensive Insurance Policy
• A chance to have a huge impact early in your career