Cyber Security Vulnerability Manager

Role : Cyber Security Vulnerability Manager

Location : Gurugram

Job Description :

We are seeking a highly experienced and proactive Senior Vulnerability and Threat Management Specialist to lead and mature our organisation's vulnerability management program. This role will be primarily responsible for the operational and strategic use of and/or , ensuring continuous visibility into cyber risk exposure, driving remediation efforts, and providing threat context to vulnerability data.

This individual will work cross-functionally with IT, Security Operations, DevSecOps, and Risk teams to reduce our attack surface and meet compliance and security objectives.

Key Responsibilities :

- Lead the design, implementation, and optimisation of the vulnerability management life cycle using , , Nessus, and related tools.

- Perform regular internal and external vulnerability scans across on-premise, cloud, container, and hybrid environments.

- Analyze scan results and coordinate remediation efforts with system owners and application teams.

- Develop and maintain metrics, dashboards, and reports that clearly communicate risk posture, trends, and remediation progress.

- Integrate Tenable with other platforms (e.g., ServiceNow, Splunk, Azure, AWS) to enhance automation and reporting.

- Continuously evaluate threat intelligence feeds to contextualize and prioritize vulnerabilities based on real-world exploitability.

- Partner with IT and security teams to validate patch and configuration compliance.

- Perform risk assessments on new systems and applications, identifying potential vulnerabilities and providing mitigation recommendations.

- Maintain asset inventory and ensure proper scoping of scans in dynamic environments.

- Develop and enforce policies, standards, and procedures for vulnerability management.

- Stay informed on evolving threats, CVEs, and emerging vulnerabilities that may impact the organization.

Required Qualifications :

years of experience in cybersecurity with a focus on vulnerability management and threat analysis.

- Strong hands-on experience with , , Nessus Professional, and associated modules (e.g., Lumin, WAS).

- Proven ability to interpret vulnerability data and CVSS scores and translate them into risk-based prioritization.

- Experience with asset tagging, segmentation, and scan tuning in Tenable for large, complex environments.

- Familiarity with integrating Tenable data into SIEMs, ticketing systems, or CMDBs.

- Strong understanding of operating systems (Windows, Linux), networking, cloud platforms (Azure, AWS), and containers.

- Knowledge of industry standards and frameworks such as NIST CSF, NIST 800-53, CIS Controls, and MITRE ATT&CK.

- Strong verbal and written communication skills; capable of delivering reports and recommendations to both technical and executive audiences.

Preferred Qualifications :

- Tenable certifications (e.g., Tenable Certified Assessor or Tenable Certified Engineer)

- Experience with ServiceNow Vulnerability Response or similar workflow automation tools.

- Scripting skills (Python, PowerShell, or Bash) for automation and tool integration.

- Experience with secure configuration benchmarks (CIS, STIGs).

- Exposure to threat intelligence platforms and risk-based vulnerability management strategies.