Cybersecurity Vulnerability

Role: Cybersecurity Vulnerability & Patch Management Engineer (India – U.S. Shift)

Working Hours: Monday to Friday, 9 AM – 5 PM PST (U.S. Business Hours)

Reporting To: Security Operations (SecOps) Leader – USA

Role Overview: We are hiring a skilled Cybersecurity Vulnerability Management Engineer based in India to support our U.S. Security Operations team. This role will be responsible for managing enterprise vulnerabilities, patching, and cloud security. You will work closely with the U.S. team and other global stakeholders to ensure our systems remain secure, compliant, and up to date.

Key Responsibilities:

• Vulnerability Management
• Manage vulnerabilities across networks, endpoints, Azure cloud, and enterprise applications.
• Perform full lifecycle vulnerability management using TenableOne - detect, prioritize, and remediate vulnerabilities (Zero-day, Critical, High, Medium, Low).
• Assess vulnerabilities based on CVE impact, CVSS, and VPR scores.
• Respond to zero-day vulnerabilities using CrowdStrike RTR for endpoint investigation and mitigation.
• Track and ensure timely remediation within SLA guidelines.
• Patch Management
• Design and manage patching for Windows, Linux, cloud workloads, and endpoints using Automox or similar tools.
• Develop automation scripts (PowerShell or Python) for deployment, validation, and rollback.
• Collaborate with IAM, Systems Engineering, End User Services, NetOps, and Software Engineering teams to ensure complete patch compliance.
• Monitor patch effectiveness and verify enterprise-wide coverage.
• Cloud Security & Threat Hunting
• Manage Azure Cloud security posture using Defender for Cloud, Azure Security Center, and Azure Policy.
• Perform threat hunting and incident response using Azure Sentinel and KQL queries.
• Governance, Reporting & Collaboration
• Lead weekly Vulnerability & Patch Management (VMP) status meetings.
• Prepare reports and dashboards covering vulnerability KPIs, MTTR, risk trends, patch compliance, and risk exposure.
• Work closely with SecOps leadership and cross-functional teams (IT, IAM, DevOps, NetOps, IAM) to drive remediation and process improvement.
• Team Involvement & Availability
• Participate in daily SecOps standups, lead VMP weekly status meetings, and attend bi-weekly staffing meetings.
• Be a proactive team player and provide mentorship and support for junior engineers.
• Availability required during U.S. business hours (PST timezone).

Required Qualifications:

• Minimum 5 years of experience in vulnerability and patch management in enterprise environments.
• Hands-on expertise with TenableOne.
• Experience with patch deployment using Automox or equivalent tools.
• Strong knowledge of CrowdStrike Falcon Complete and RTR scripting.
• Proficient in PowerShell and/or Python scripting.
• Proven ability to manage zero-day vulnerabilities and coordinate rapid remediation.
• Deep experience with Azure cloud security and threat detection using Azure Sentinel and KQL.
• Strong understanding of enterprise IT infrastructure: networking, servers, cloud, and endpoint security.
• Excellent communication and collaboration skills for cross-functional and executive reporting.

Preferred Qualifications:

• CISSP or equivalent cybersecurity certification.
• Experience with Infrastructure as Code (IaC) tools: Terraform, ARM templates, or Bicep.
• Azure Security Engineer Associate or CrowdStrike certification.
• Background in manufacturing or regulated industries.
• Familiarity with DevOps security tools such as Ansible, Chef, or Puppet.