39 Vulnerability Management jobs in India

Vulnerability Management - L2

Mumbai, Maharashtra ITC Infotech

Posted today

Job Viewed

Tap Again To Close

Job Description

Vulnerability Management Analyst – L2


Location: Mumbai/Pune


Job Summary:

ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions.


Key Responsibilities:

  • Work Experience on vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking).
  • Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus.
  • Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries.
  • Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams.
  • Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits.
  • Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations.
  • Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions.
  • Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits.
  • Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals.
  • Build and maintain GRC tools and risk registers with role-based access and automated updates.


Key Skills & Certifications:

  1. 5+ years in cyber risk management, vulnerability assessment, and compliance delivery.
  2. Strong experience with Tenable/Nessus, Qualys, and GRC tools.
  3. ISO 27001 Lead Auditor, CRISC, or CISA certified.
  4. In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines.
  5. Strong skills in risk quantification, reporting, and policy enforcement.
This advertiser has chosen not to accept applicants from your region.

Vulnerability Management - L3

Bengaluru, Karnataka ITC Infotech

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

Vulnerability Management - L3


Location : Bangalore

Mode : Hybrid


  • On the portal where vulnerabilities are listed, each vulnerability must be analyzed;
  • Within each record of each vulnerability, analyze the required fixes and the vendor involved
  • Contact the vendor to discuss the vulnerability fix (usually the vendor applies the fix in a test environment)
  • If there is any impact or downtime required, it will be necessary to align with Miguel Marçal on the intervention window;
  • Contact T-Systems to schedule the intervention;
  • T-Systems will have to ensure a virtual machine snapshot is performed to enable rollback protection;
  • Support the vendor during the application of the fixes in the production environment Security Operations Lead Roles and Responsibilities ( Grade IS3 / IS4) Vulnerability Analysis & Tracking
  • Review and analyze vulnerabilities listed on the security portal & Servicenow
  • Assess each vulnerability record to identify required fixes and determine the responsible vendor.
  • Maintain a centralized tracking system for all open vulnerabilities and remediation status. Vendor Coordination
  • Contact vendors to discuss and plan the application of fixes, typically in a test environment first.
  • Support vendors during the fix deployment in production environments.
  • Ensure rollback protection by coordinating virtual machine snapshots before any intervention. Intervention Planning
  • Coordinate with T-Systems to schedule interventions and confirm snapshot creation for rollback capability. Remediation Execution
  • Facilitate and monitor the application of fixes in production environments.
  • Ensure all remediation activities are completed within agreed timelines and with minimal disruption. Documentation & Reporting to CSO
  • Document all remediation steps, communications, and outcomes.
  • Provide regular updates and reports to management on vulnerability status and resolution progress to CSO.
  • Participate in the weekly and monthly review with CSO.
This advertiser has chosen not to accept applicants from your region.

Junior Vulnerability Management Analyst

Hyderabad, Andhra Pradesh Amgen

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

Join Amgen's Mission of Serving Patients
At Amgen, if you feel like you're part of something bigger, it's because you are. Our shared mission-to serve patients living with serious illnesses-drives all that we do.
Since 1980, we've helped pioneer the world of biotech in our fight against the world's toughest diseases. With our focus on four therapeutic areas -Oncology, Inflammation, General Medicine, and Rare Disease- we reach millions of patients each year. As a member of the Amgen team, you'll help make a lasting impact on the lives of patients as we research, manufacture, and deliver innovative medicines to help people live longer, fuller happier lives.
Our award-winning culture is collaborative, innovative, and science based. If you have a passion for challenges and the opportunities that lay within them, you'll thrive as part of the Amgen team. Join us and transform the lives of patients while transforming your career.
Junior Vulnerability Management Analyst
**What you will do**
Let's do this. Let's change the world. In this vital role supports the identification, assessment, and tracking of vulnerabilities across the organization's IT landscape. The Junior Vulnerability Management Analyst assists senior team members in analyzing vulnerability data, correlating risk indicators (e.g., KEV, EPSS), and supporting remediation efforts. This position offers an opportunity to grow technical expertise while contributing to the organization's security posture through structured vulnerability management processes.
**Roles & Responsibilities:**
+ Assist with analyzing vulnerability scan results from tools such as Tenable, Qualys, or Rapid7.
+ Support prioritization efforts using CVSS scores, KEV (Known Exploited Vulnerabilities), EPSS (Exploit Prediction Scoring System), and asset criticality.
+ Collaborate with IT and security teams to track remediation status and escalate high-risk findings.
+ Monitor public threat intelligence sources to understand the context of vulnerabilities.
+ Contribute to the development of dashboards and reports for tracking vulnerabilities and trends.
+ Assist in documenting vulnerability management processes and remediation workflows.
+ Support compliance and audit requests by providing vulnerability data as needed.
+ Learn and follow policies related to patch management and secure configurations.
**What we expect of you**
We are all different, yet we all use our unique contributions to serve patients.
**Basic Qualifications:**
Bachelor's degree and 0 to 3 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools OR
Diploma and 4 to 7 years of experience in cybersecurity or IT operations with exposure to vulnerability or security tools
**Must-Have Skills:**
+ Basic familiarity with vulnerability management platforms (e.g., Tenable, Qualys, or Rapid7)
+ Understanding of basic CVSS scoring and vulnerability classification
+ Awareness of cybersecurity concepts such as threat intelligence, patching, and risk assessment
+ Foundational knowledge of networking and common IT systems
+ Willingness to learn and grow in the field of vulnerability management
**Preferred Qualifications:**
**Good-to-Have Skills:**
+ Exposure to KEV, EPSS, or similar threat-based scoring frameworks
+ Basic experience with scripting languages (e.g., Python, PowerShell)
+ Awareness of cloud security tools (e.g., AWS Inspector, Azure Defender)
+ Familiarity with compliance standards such as NIST, ISO, or PCI-DSS
+ CompTIA Security+ (preferred)
+ Tenable Certified Nessus Auditor (Preferred)
+ Qualys Vulnerability Management Specialist (Preferred)
**Soft Skills:**
+ **Analytical Thinking** - Comfortable working with data and identifying patterns
+ **Attention to Detail** - Careful review and tracking of vulnerabilities
+ **Communication Skills** - Able to clearly document and explain findings
+ **Collaboration & Teamwork** - Works well with cross-functional teams
+ **Curiosity & Continuous Learning** - Strong interest in cybersecurity and professional growth
+ **Problem-Solving Mindset** - Seeks practical solutions to real-world security issues
**What you can expect of us**
As we work to develop treatments that take care of others, we also work to care for your professional and personal growth and well-being. From our competitive benefits to our collaborative culture, we'll support your journey every step of the way.
In addition to the base salary, Amgen offers competitive and comprehensive Total Rewards Plans that are aligned with local industry standards.
**Apply now and make a lasting impact with the Amgen team.**
**careers.amgen.com**
As an organization dedicated to improving the quality of life for people around the world, Amgen fosters an inclusive environment of diverse, ethical, committed and highly accomplished people who respect each other and live the Amgen values to continue advancing science to serve patients. Together, we compete in the fight against serious disease.
Amgen is an Equal Opportunity employer and will consider all qualified applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability status, or any other basis protected by applicable law.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.
This advertiser has chosen not to accept applicants from your region.

Lead Cybersecurity - Endpoint Vulnerability Management

Bengaluru, Karnataka AT&T

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

**Job Description:**
Lead Cybersecurity - Endpoint Vulnerability Management
**About the Company:**
Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won't just imagine the future-you'll create it.
**About the Job:**
We are seeking an End User Endpoint Vulnerability Management Lead responsible for ensuring the security posture of all end user devices across the organization. This position calls for a security-minded professional with deep expertise in identifying, assessing, and mitigating vulnerabilities specific to endpoints-laptops, desktops, smartphones, and other user-operated devices.
**Experience Level:** 12+ years
**Location:** Hyderabad or Bengaluru
**Roles and Responsibilities:**
+ Endpoint Vulnerability Assessment: Conduct scheduled and ad-hoc vulnerability scans across a diverse and distributed fleet of end user devices. Analyze scan results to prioritize risks and recommend timely remediation actions.
+ Threat Intelligence Integration: Stay updated on emerging endpoint vulnerabilities, threat vectors, and exploit techniques. Leverage threat intelligence feeds to proactively strengthen endpoint protection.
+ Metrics & Reporting: Assist with regular reports detailing vulnerability trends, remediation status, and compliance metrics for management review.
+ Continuous Improvement: Assess the effectiveness of existing vulnerability management practices. Propose and implement innovative techniques to enhance detection, response, and remediation capabilities.
**Primary / Mandatory skills:**
+ 12+ years of Proven experience in cybersecurity with 8 years of experience in endpoint security and its vulnerability management.
+ Deep understanding of operating systems (Windows, macOS, Linux), mobile platforms (Android, iOS), and associated endpoint security controls.
+ Hands-on experience with vulnerability end user end point detection tools such as, SentinelOne, Palo Alto.
+ Proficiency in scripting and automation (PowerShell, Python, Bash) to streamline vulnerability detection and remediation workflows.
+ Strong analytical skills with the ability to translate technical findings into actionable business recommendations.
+ Excellent written and verbal communication skills, able to present complex security concepts to non-technical audiences.
+ Demonstrated commitment to professional integrity, discretion, and confidentiality
**Desired Skills:**
+ Experience with ServiceNow
+ Experience with Vulnerability Assessment tools
**Additional information (if any):** Flexible to provide coverage in US morning hours upon need.
**Certification** : Relevant certifications such as CISSP or CCSP or equivalent are highly desirable.
**Weekly Hours:**
40
**Time Type:**
Regular
**Location:**
IND:KA:Bengaluru / Innovator Building, Itpb, Whitefield Rd - Adm: Intl Tech Park, Innovator Bldg
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status
This advertiser has chosen not to accept applicants from your region.

Lead Cybersecurity Engineer - Vulnerability Management

Bengaluru, Karnataka Wabtec Corporation

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

It's not just about your career or job title. It's about who you are and the impact you will make on the world. Because whether it's for each other or our customers, we put People First. When our people come together, we Expand the Possible and continuously look for ways to improve what we create and how we do it. If you are constantly striving to grow, you're in good company. We are revolutionizing the way the world moves for future generations, and we want someone who is ready to move with us.
It's not just about your career or job title. It's about who you are and the impact you will make on the world. Because whether it's for each other or our customers, we put People First. When our people come together, we Expand the Possible and continuously look for ways to improve what we create and how we do it. If you are constantly striving to grow, you're in good company. We are revolutionizing the way the world moves for future generations, and we want someone who is ready to move with us.
**Who are we?**
Wabtec Corporation is a leading global provider of equipment, systems, digital solutions, and value-added services for freight and transit rail as well as the mining, marine, and industrial markets. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation, and Faiveley Transport, the company has grown to become One Wabtec, with unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems.
Wabtec is focused on performance that drives progress and unlocks our customers' potential by delivering innovative and lasting transportation solutions that move and improve the world. We are lifelong learners obsessed with making things better to drive exceptional results. Wabtec has approximately 27K employees in facilities throughout the world. Visit our website ( to learn more!
**Who will you be working with?**
Join Enterprise Information Security (EIS) to drive cybersecurity excellence leveraging intelligence, strategic partnerships, and analysis. Collaborate daily with GRC, Architecture, Operations, and key Information Technology stakeholders to advance our information security capabilities.
**How will you make a difference?**
As a member of Enterprise Information Security, Wabtec is looking for an individual to run a Vulnerability Management program. The **Lead Cybersecurity Engineer** role reports directly into Enterprise Security Services (ESS) and is responsible for vulnerability response. Use your expertise to identify improvement areas and influence cybersecurity hygiene across all IT functions. Join us and lead the charge in cybersecurity excellence!
**What do we want to know about you?**
_You must have:_
+ Bachelor's degree in computer engineering or STEM major (Science, Technology, Engineering, or Math) and/or a minimum of six years of vulnerability management experience
+ 6+ years of experience overseeing the identification, assessment, and remediation of security vulnerabilities across IT infrastructure
+ Experience with the development of technical documentation
+ Thorough understanding of standards such as NVD, CVE, CPE, CWE, CVSS, CESS, EPSS
+ Effective project management and communications skills with ability to work on a Global team
+ Must be willing to work weekends/off-shift hours, as needed during incidents.
_We would love it if you had:_
+ Excellent communication skills with the ability to manage joint response and remediation efforts and constructively influence peers and leadership
+ Proficiencies in collaborating with Architecture, Product Security and IT stakeholders to refine vulnerability management lifecycle between Enterprise and Product
+ Ability to react quickly, decisively, and deliberately in high stress situations
+ Hands-on experience with popular vulnerability management solutions such as Tenable and ServiceNow-VR
+ Preferred -Tanium Comply, WIZ, ArmorCode, and Black Duck
**What will your typical day look like?**
+ Conduct regular vulnerability assessments using tools such as Tenable and ServiceNow-Vulnerability Response
+ Leverage experience to analyze and prioritize vulnerabilities based on risk and impact with the ability to work independently and receive minimal guidance
+ Develop and implement remediation plans in collaboration with IT and application teams, collaborate with various departments, ensuring systems are secure and compliant with industry standards
+ Continuously monitor the security landscape and provide detailed reports on vulnerability status, trends, remediation progress
+ Assist in the response to security incidents, providing expertise in vulnerability exploitation and mitigation
**What about the physical demands of the job? (Usual office job examples)**
+ Regularly remaining in a stationary position, often standing or sitting for prolonged periods
+ Regularly communicating with others to exchange information
+ Regularly required to attend meetings in person and virtually using video and audio computer equipment
+ Regularly repeating motions that may include the wrists, hands and/or fingers, such as typing
+ Occasionally moving about to accomplish tasks or moving from one worksite to another
+ Occasionally light work that includes moving objects up to 20 pounds
You may also be asked to perform other duties outside of your function or trade, for which adequate training will be provided if necessary.
**_Work Environment: (Usual office job)_**
+ Hybrid work schedule (both on-site and remote)
+ The employee will normally work in a temperature-controlled office environment, with frequent exposure to electronic office equipment. During visits to areas of operations, may be exposed to extreme cold or hot weather conditions. Is occasionally exposed to fumes or airborne particles, toxic or caustic chemicals, and loud noise
**Our Commitment to Embrace Diversity:**
Wabtec is a global company that invests not just in our products, but also our people by embracing diversity and inclusion. We care about our relationships with our employees and take pride in celebrating the variety of experiences, expertise, and backgrounds that bring us together. At Wabtec, we aspire to create a place where we all belong and where diversity is welcomed and appreciated.
To fulfill that commitment, we rely on a culture of leadership, diversity, and inclusion. We aim to employ the world's brightest minds to help us create a limitless source of ideas and opportunities. We have created a space where everyone is given the opportunity to contribute based on their individual experiences and perspectives and recognize that these differences and diverse perspectives make us better.
We believe in hiring talented people of varied backgrounds, experiences, and styles. People like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.
**Who are we?**
Wabtec Corporation is a leading global provider of equipment, systems, digital solutions, and value-added services for freight and transit rail as well as the mining, marine, and industrial markets. Drawing on nearly four centuries of collective experience across Wabtec, GE Transportation, and Faiveley Transport, the company has grown to become One Wabtec, with unmatched digital expertise, technological innovation, and world-class manufacturing and services, enabling the digital-rail-and-transit ecosystems.
Wabtec is focused on performance that drives progress and unlocks our customers' potential by delivering innovative and lasting transportation solutions that move and improve the world. We are lifelong learners obsessed with making things better to drive exceptional results. Wabtec has approximately 27K employees in facilities throughout the world. Visit our website to learn more! Commitment to Embrace Diversity:**
Wabtec is a global company that invests not just in our products, but also our people by embracing diversity and inclusion. We care about our relationships with our employees and take pride in celebrating the variety of experiences, expertise, and backgrounds that bring us together. At Wabtec, we aspire to create a place where we all belong and where diversity is welcomed and appreciated.
To fulfill that commitment, we rely on a culture of leadership, diversity, and inclusion. We aim to employ the world's brightest minds to help us create a limitless source of ideas and opportunities. We have created a space where everyone is given the opportunity to contribute based on their individual experiences and perspectives and recognize that these differences and diverse perspectives make us better.
We believe in hiring talented people of varied backgrounds, experiences, and styles. People like you! Wabtec Corporation is committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or expression, or protected Veteran status. If you have a disability or special need that requires accommodation, please let us know.
This advertiser has chosen not to accept applicants from your region.

Vulnerability Management Specialist (AWS & Wiz)

Bengaluru, Karnataka PURVIEW

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

We are seeking a skilled Vulnerability Management Specialist with hands-on experience in AWS environments and Wiz (cloud security posture management) . The ideal candidate will be responsible for identifying, assessing, and remediating vulnerabilities across our cloud infrastructure, ensuring compliance with security best practices, and collaborating with cross-functional teams to strengthen our security posture.



Job Responsibilities:

  • Lead and manage vulnerability management processes for AWS-hosted environments.
  • Use Wiz to continuously monitor, identify, and prioritize vulnerabilities across cloud workloads, applications, and configurations.
  • Perform regular vulnerability scans, risk assessments, and reporting.
  • Partner with DevOps, Cloud Engineering, and Application teams to drive remediation and patching efforts.
  • Maintain an inventory of assets and ensure alignment with security baselines.
  • Track emerging threats, zero-day vulnerabilities, and recommend mitigation strategies.
  • Support security audits, compliance efforts (e.g., ISO, SOC 2), and risk assessments.
  • Develop and deliver metrics/dashboards on vulnerability status and remediation progress.


Job Requirements

  • 3–6 years of experience in cybersecurity, vulnerability management, or cloud security.
  • Strong hands-on experience with AWS services (IAM, EC2, S3, Lambda, CloudTrail, etc.).
  • Strong experience with Wiz or similar Cloud Security Posture Management (CSPM) tools.
  • Solid understanding of vulnerability scanning, patch management, and remediation processes.
  • Familiarity with common security standards (NIST, CIS Benchmarks, OWASP).
  • Strong collaboration and communication skills to work with technical and non-technical teams.
  • AWS Security Specialty or Solutions Architect certification.
  • Knowledge of container security (EKS, Kubernetes, Docker).
  • Experience with scripting/automation (Python, Bash, Terraform).
  • Exposure to SIEM tools and incident response practices.


Please connect Grace @ to learn more about the role.

This advertiser has chosen not to accept applicants from your region.

Information Security Analyst - Vulnerability Management

122002 Gurgaon, Haryana ₹800000 Annually WhatJobs

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

full-time
Our client, a prominent financial services institution, is seeking a diligent and proactive Information Security Analyst specializing in Vulnerability Management. This hybrid role is based in Gurugram, Haryana, IN , offering a blend of office-based collaboration and remote flexibility. You will be responsible for identifying, assessing, and coordinating the remediation of security vulnerabilities across the organization's IT infrastructure and applications. Your work will directly contribute to strengthening our security posture and mitigating potential risks.

Key Responsibilities:
  • Conduct regular vulnerability scans using industry-standard tools (e.g., Nessus, Qualys, Rapid7) across servers, endpoints, and network devices.
  • Analyze scan results, prioritize vulnerabilities based on risk and impact, and validate findings.
  • Track the remediation of identified vulnerabilities, working closely with IT operations, development, and system administration teams.
  • Develop and maintain comprehensive vulnerability management reports for technical teams and senior management.
  • Assist in the selection, implementation, and configuration of vulnerability scanning tools and platforms.
  • Contribute to the development and enforcement of vulnerability management policies and procedures.
  • Stay current with emerging threats, vulnerabilities, and security best practices.
  • Support incident response activities by providing context and information related to system vulnerabilities.
  • Develop dashboards and metrics to measure the effectiveness of the vulnerability management program.
  • Collaborate with security architects to ensure secure design principles are integrated into new systems and applications.
  • Perform penetration testing exercises and report on findings as required.
  • Provide guidance and support to other security team members.

Qualifications:
  • Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.
  • Minimum of 3 years of experience in information security, with a primary focus on vulnerability management.
  • Hands-on experience with vulnerability scanning tools and techniques.
  • Strong understanding of common vulnerabilities (e.g., OWASP Top 10), network protocols, and operating system security.
  • Proficiency in analyzing scan reports and prioritizing remediation efforts.
  • Familiarity with scripting languages (e.g., Python, PowerShell) for automating security tasks is a plus.
  • Excellent analytical, problem-solving, and communication skills.
  • Ability to work independently and collaborate effectively within a team.
  • Knowledge of IT compliance frameworks (e.g., ISO 27001, NIST) is desirable.
  • Relevant security certifications such as CompTIA Security+, CEH, or OSCP are advantageous.
This role provides an excellent opportunity to advance your career in information security within a supportive and dynamic environment, based out of our Gurugram, Haryana, IN office with a flexible hybrid work arrangement.
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Vulnerability management Jobs in India !

Principal Engineer-Security engineering & Vulnerability Management

Bengaluru, Karnataka Dell Technologies

Posted today

Job Viewed

Tap Again To Close

Job Description

**Software Principal Engineer**
The Software Engineering team delivers next-generation application enhancements and new products for a changing world. Working at the cutting edge, we design and develop software for platforms, peripherals, applications and diagnostics - all with the most advanced technologies, tools, software engineering methodologies and the collaboration of internal and external partners.
Join us as a Software Principal Engineer on our **Security Engineering team in Bangalore** to do the best work of your career and make a profound social impact.
**What you'll achieve**
As a **Software Principal Engineer** , you will be responsible for embedding secure development practices and leading vulnerability management across Dell's product portfolio. You will collaborate closely with engineering and governance teams to drive security improvements and ensure secure, compliant product delivery.
**You will:**
+ Lead threat modeling, design security reviews, and vulnerability response processes to identify and mitigate risks
+ Drive secure code practices, vulnerability scanning, triage, and remediation coordination
+ Conduct security testing including functional, dynamic, and penetration testing to validate controls.
+ Manage release compliance artifacts and develop key security documentation
+ Mentor junior engineers and champion security maturity and privacy assessment initiatives
**Take the first step towards your dream career**
Every Dell Technologies team member brings something unique to the table. Here's what we are looking for with this role:
**Essential Requirements**
+ 8-12 years in product security engineering and vulnerability management with strong Security Development Lifecycle_SDL.
+ Experience in threat modeling, security design, and vulnerability management tools and processes.
+ Experience in compliance frameworks like ISO 27001, NIST 800-53, HIPAA.
+ Experience with penetration testing, container security, OS hardening, and secure CI/CD integration.
+ Experience in programming with Python, Java, Bash, Go, or similar for automation and tool integration
**Desirable Requirements**
+ Certifications such as CISSP, CCSP, CISM, CEH, OSCP, or CSSLP
+ Familiarity with PCI DSS, FedRAMP, or CCPA
**Who we are**
We believe that each of us has the power to make an impact. That's why we put our team members at the center of everything we do. If you're looking for an opportunity to grow your career with some of the best minds and most advanced tech in the industry, we're looking for you.
Dell Technologies is a unique family of businesses that helps individuals and organizations transform how they work, live and play. Join us to build a future that works for everyone because Progress Takes All of Us.
**Application closing date: 31-Oct-2025**
Dell Technologies is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. Read the full Equal Employment Opportunity Policy.
#NJP
**Job ID:** R
This advertiser has chosen not to accept applicants from your region.

L3 – Vulnerability Management, Risk and Compliance Lead

Mumbai, Maharashtra ITC Infotech

Posted 2 days ago

Job Viewed

Tap Again To Close

Job Description

Hi, We have 4 open positions for the below role in Mumbai, Secondary location is Pune. Interested candidates can email their updated profiles to alongwith the following details: Current CTC, Expected CTC, Notice period, Preferred location: Mumbai / Pune



L3 – Vulnerability Management, Risk & Compliance Lead

Job Summary:

ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions.

Key Responsibilities:

  • Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking).
  • Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus.
  • Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries.
  • Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams.
  • Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits.
  • Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations.
  • Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions.
  • Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits.
  • Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals.
  • Build and maintain GRC tools and risk registers with role-based access and automated updates.

Key Skills & Certifications:

  1. 10+ years in cyber risk management, vulnerability assessment, and compliance delivery.
  2. Strong experience with Tenable/Nessus, Qualys, and GRC tools.
  3. ISO 27001 Lead Auditor, CRISC, or CISA certified.
  4. In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines.
  5. Strong skills in risk quantification, reporting, and policy enforcement.
This advertiser has chosen not to accept applicants from your region.

Sr Specialist Cybersecurity - End User Endpoint Vulnerability Management

Bengaluru, Karnataka AT&T

Posted 1 day ago

Job Viewed

Tap Again To Close

Job Description

**Job Description:**
**About the Company:**
Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won't just imagine the future-you'll create it.
**About the Job:**
We are seeking an End User Endpoint Vulnerability Management Senior Specialist responsible for ensuring the security posture of all end user devices across the organization. This position calls for a security-minded professional with deep expertise in identifying, assessing, and mitigating vulnerabilities specific to endpoints-laptops, desktops, smartphones, and other user-operated devices.
**Experience Level:** 8+ years
**Location:** Hyderabad or Bengaluru
**Roles and Responsibilities:**
+ Endpoint Vulnerability Assessment: Conduct scheduled and ad-hoc vulnerability scans across a diverse and distributed fleet of end user devices. Analyze scan results to prioritize risks and recommend timely remediation actions.
+ Threat Intelligence Integration: Stay updated on emerging endpoint vulnerabilities, threat vectors, and exploit techniques. Leverage threat intelligence feeds to proactively strengthen endpoint protection.
+ Metrics & Reporting: Assist with regular reports detailing vulnerability trends, remediation status, and compliance metrics for management review.
+ Continuous Improvement: Assess the effectiveness of existing vulnerability management practices. Propose and implement innovative techniques to enhance detection, response, and remediation capabilities.
**Primary / Mandatory skills:**
+ 8+ years of Proven experience in cybersecurity, with a focus on 6 years of experience in an endpoint security and its vulnerability management.
+ Deep understanding of operating systems (Windows, macOS, Linux), mobile platforms (Android, iOS), and associated endpoint security controls.
+ Hands-on experience with vulnerability end user end point detection tools such as, SentinelOne, Palo Alto
+ Proficiency in scripting and automation (PowerShell, Python, Bash) to streamline vulnerability detection and remediation workflows.
+ Strong analytical skills with the ability to translate technical findings into actionable business recommendations.
+ Excellent written and verbal communication skills, able to present complex security concepts to non-technical audiences.
+ Demonstrated commitment to professional integrity, discretion, and confidentiality
**Desired Skills:**
+ Experience with ServiceNow
+ Experience with Vulnerability Assessment tools
**Additional information (if any):** Flexible to provide coverage in US morning hours upon need.
**Certification** : Relevant certifications such as CISSP or CCSP or equivalent are highly desirable.
**Weekly Hours:**
40
**Time Type:**
Regular
**Location:**
Hyderabad, India
It is the policy of AT&T to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, AT&T will provide reasonable accommodations for qualified individuals with disabilities. AT&T is a fair chance employer and does not initiate a background check until an offer is made.
AT&T will consider for employment qualified applicants in a manner consistent with the requirements of federal, state and local laws
We expect employees to be honest, trustworthy, and operate with integrity. Discrimination and all unlawful harassment (including sexual harassment) in employment is not tolerated. We encourage success based on our individual merits and abilities without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, disability, marital status, citizenship status, military status, protected veteran status or employment status
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Vulnerability Management Jobs