Unilever - Senior Manager - Threat & Vulnerability Management

TVM Senior ManagerExperience : 12- 18 yearsLocation : BangaloreBusiness Context and Main Purpose of the Role :Unilever is one of the worlds leading consumer goods companies with operations in over 190 countriesand serving 3.4 billion consumers every day. Unilever delivers best in class performance with market making, unmissably superior brands which include Dove, Knorr, Domestos, Hellmanns, Marmite and Lynx. Our strategy beings with a purpose that places our consumers at the heart of everything we do, Brighten everyday life for all.Role Purpose :This role will lead and transform Unilevers Threat & Vulnerability Management (TVM) function, ensuringproactive identification, assessment, and mitigation of cyber risks across the enterprise. This role is pivotal in managing complex threat landscapes, driving strategic change, and overseeing a hybrid team an Managed Security Service Provider (MSSP) to deliver world-class cyber resilience.Role Summary :The Senior Manager TVM will be responsible for the end-to-end delivery of Unilevers threat and vulnerability management capabilities. This includes overseeing vulnerability scanning, threat intelligence integration, remediation coordination, and MSSP performance. The role requires a hands-on technical leader who can manage complex environments, lead change, and build strong relationships across technical and business stakeholders.Main Accountabilities Leadership & Program Ownership :- Define and evolve the TVM strategy aligned with Unilevers enterprise risk posture, regulatory requirements, and business priorities.- Own the global TVM program, including governance, tooling, process design, and performance metrics.- Lead transformation initiatives to modernize vulnerability management practices, integrate threat intelligence, and automate remediation Execution & Technical Oversight :- Oversee vulnerability scanning operations across on-prem, cloud, and hybrid environments using platforms such as Qualys, Tenable, or Rapid7.- Ensure timely and accurate vulnerability triage, risk-based prioritization, and remediation tracking in collaboration with IT and application teams.- Integrate threat intelligence feeds into vulnerability workflows to contextualize findings and improve prioritization.- Conduct hands-on analysis of critical vulnerabilities, zero-days, and emerging threats, providing technical guidance and escalation support.Team Leadership & Development :- Manage a hybrid team of onsite and remote security professionals, fostering a culture of accountability, innovation, and continuous learning.- Mentor and develop team members, ensuring technical growth and alignment with Unilevers leadership principles.- Drive collaboration across functions, including Cyber Threat Intelligence, Incident Response, and Application Security.MSSP & Vendor Management :- Oversee MSSP performance, ensuring SLAs, quality of service, and alignment with Unilevers security standards.- Manage vendor relationships, including contract negotiations, service reviews, and escalation handling.- Ensure seamless integration of MSSP outputs into internal workflows and reporting Engagement & Communication :- Engage with senior stakeholders, including business leaders, IT, and risk teams, to communicate risk posture and influence remediation decisions.- Prepare and deliver executive-level reporting, including dashboards, risk summaries, and board-level updates.- Represent TVM in audits, regulatory reviews, and governance forums, ensuring transparency and compliance.Metrics, Reporting & Continuous Improvement :- Define and track KPIs such as mean time to remediation (MTTR), vulnerability recurrence, and coverage rates.- Continuously assess program effectiveness, identifying gaps and driving improvements in tooling, process, and team capability.- Leverage data analytics to identify trends, inform strategy, and support Skills and Relevant Experience Skills :- Deep expertise in vulnerability management tools and platforms (e.g., Qualys, Wiz, Tenable, Rapid7).- Strong understanding of threat intelligence and its integration into vulnerability workflows.- Experience with SIEM, SOAR, and EDR technologies (e.g., Splunk, Sentinel, CrowdStrike).- Familiarity with cloud security (Azure, AWS, GCP), container security, and modern infrastructure.- Knowledge of CVSS scoring, exploitability analysis, and risk-based prioritization.- Ability to perform hands-on validation of vulnerabilities and support technical remediation efforts.- Understanding of secure configuration baselines, patch management, and asset & Soft Skills :- Proven experience leading and transforming cyber security teams and programs.- Strong stakeholder management skills, with the ability to influence across technical and businessdomains.- Excellent communication skills, including executive-level reporting and presentation.- Experience managing MSSPs and third-party vendors in a global environment.- Ability to lead through ambiguity and manage complex, high-pressure situations.- Strong organizational and project management skills, with a focus on delivery and outcomes.- Collaborative mindset with a focus on team development and :- Bachelors or Masters degree in Cybersecurity, Information Technology, or related field.- Relevant certifications (e.g., CISSP, CISM, CRISC, GIAC, OSCP) are highly desirable.- Minimum 8- 10 years of experience in cybersecurity, with at least 3 years in a leadership role. (ref:hirist.tech)