Threat and Vulnerability Manager

Job Title: Threat & Vulnerability Management Senior Manager

Location: Bangalore

About Unilever

Be part of the world's most successful, purpose-led business. Work with brands that are well-loved around the world, that improve the lives of our consumers and the communities around us. We promote innovation, big and small, to make our business win and grow; and we believe in business as a force for good. Unleash your curiosity, challenge ideas and disrupt processes; use your energy to make this happen. Our brilliant business leaders and colleagues provide mentorship and inspiration, so you can be at your best. Every day, nine out of ten Indian households use our products to feel good, look good and get more out of life – giving us a unique opportunity to build a brighter future.

Every individual here can bring their purpose to life through their work. Join us and you'll be surrounded by inspiring leaders and supportive peers. Among them, you'll channel your purpose, bring fresh ideas to the table, and simply be you. As you work to make a real impact on the business and the world, we'll work to help you become a better you.

ABOUT UNIOPS:

Unilever Operations (UniOps) is the global technology and operations engine of Unilever offering business services, technology, and enterprise solutions. UniOps serves over 190 locations and through a network of specialized service lines and partners delivers insights and innovations, user experiences and end-to-end seamless delivery making Unilever Purpose Led and Future Fit.

Role Purpose:

This role will lead and transform Unilever's Threat & Vulnerability Management (TVM) function, ensuring proactive identification, assessment, and mitigation of cyber risks across the enterprise. This role is pivotal in managing complex threat landscapes, driving strategic change, and overseeing a hybrid team and Managed Security Service Provider (MSSP) to deliver world-class cyber resilience.

Role Summary:

The Senior Manager – TVM will be responsible for the end-to-end delivery of Unilever's threat and vulnerability management capabilities. This includes overseeing vulnerability scanning, threat intelligence integration, remediation coordination, and MSSP performance. The role requires a hands-on technical leader who can manage complex environments, lead change, and build strong relationships across technical and business stakeholders.

Main Accountabilities

Strategic Leadership & Program Ownership

• Define and evolve the TVM strategy aligned with Unilever's enterprise risk posture, regulatory requirements, and business priorities.

• Own the global TVM program, including governance, tooling, process design, and performance metrics.

• Lead transformation initiatives to modernize vulnerability management practices, integrate threat intelligence, and automate remediation workflows.

Operational Execution & Technical Oversight

• Oversee vulnerability scanning operations across on-prem, cloud, and hybrid environments using platforms such as Qualys, Tenable, or Rapid7.

• Ensure timely and accurate vulnerability triage, risk-based prioritization, and remediation tracking in collaboration with IT and application teams.

• Integrate threat intelligence feeds into vulnerability workflows to contextualize findings and improve prioritization.

• Conduct hands-on analysis of critical vulnerabilities, zero-days, and emerging threats, providing technical guidance and escalation support.

Team Leadership & Development

• Manage a hybrid team of onsite and remote security professionals, fostering a culture of accountability, innovation, and continuous learning.

• Mentor and develop team members, ensuring technical growth and alignment with Unilever's leadership principles.

• Drive collaboration across functions, including Cyber Threat Intelligence, Incident Response, and Application Security.

Strategic Leadership & Program Ownership

• Define and evolve the TVM strategy aligned with Unilever's enterprise risk posture, regulatory requirements, and business priorities.

• Own the global TVM program, including governance, tooling, process design, and performance metrics.

• Lead transformation initiatives to modernize vulnerability management practices, integrate threat intelligence, and automate remediation workflows.

Operational Execution & Technical Oversight

• Oversee vulnerability scanning operations across on-prem, cloud, and hybrid environments using platforms such as Qualys, Tenable, or Rapid7.

• Ensure timely and accurate vulnerability triage, risk-based prioritization, and remediation tracking in collaboration with IT and application teams.

• Integrate threat intelligence feeds into vulnerability workflows to contextualize findings and improve prioritization.

• Conduct hands-on analysis of critical vulnerabilities, zero-days, and emerging threats, providing technical guidance and escalation support.

Team Leadership & Development

• Manage a hybrid team of onsite and remote security professionals, fostering a culture of accountability, innovation, and continuous learning.

• Mentor and develop team members, ensuring technical growth and alignment with Unilever's leadership principles.

• Drive collaboration across functions, including Cyber Threat Intelligence, Incident Response, and Application Security.

MSSP & Vendor Management

• Oversee MSSP performance, ensuring SLAs, quality of service, and alignment with Unilever's security standards.

• Manage vendor relationships, including contract negotiations, service reviews, and escalation handling.

• Ensure seamless integration of MSSP outputs into internal workflows and reporting structures.

Stakeholder Engagement & Communication

• Engage with senior stakeholders, including business leaders, IT, and risk teams, to communicate risk posture and influence remediation decisions.

• Prepare and deliver executive-level reporting, including dashboards, risk summaries, and board-level updates.

• Represent TVM in audits, regulatory reviews, and governance forums, ensuring transparency and compliance.

Metrics, Reporting & Continuous Improvement

• Define and track KPIs such as mean time to remediation (MTTR), vulnerability recurrence, and coverage rates.

• Continuously assess program effectiveness, identifying gaps and driving improvements in tooling, process, and team capability.

• Leverage data analytics to identify trends, inform strategy, and support decision-making.

Key Skills and Relevant Experience

Technical Skills

• Deep expertise in vulnerability management tools and platforms (e.g., Qualys, Wiz, Tenable, Rapid7).

• Strong understanding of threat intelligence and its integration into vulnerability workflows.

• Experience with SIEM, SOAR, and EDR technologies (e.g., Splunk, Sentinel, CrowdStrike).

• Familiarity with cloud security (Azure, AWS, GCP), container security, and modern infrastructure.

• Knowledge of CVSS scoring, exploitability analysis, and risk-based prioritization.

• Ability to perform hands-on validation of vulnerabilities and support technical remediation efforts.

• Understanding of secure configuration baselines, patch management, and asset discovery.

Leadership & Soft Skills

• Proven experience leading and transforming cyber security teams and programs.

• Strong stakeholder management skills, with the ability to influence across technical and business domains.

• Excellent communication skills, including executive-level reporting and presentation.

• Experience managing MSSPs and third-party vendors in a global environment.

• Ability to lead through ambiguity and manage complex, high-pressure situations.

• Strong organizational and project management skills, with a focus on delivery and outcomes.

• Collaborative mindset with a focus on team development and mentorship.

Qualifications

• Bachelor's or Master's degree in Cybersecurity, Information Technology, or related field.

• Relevant certifications (e.g., CISSP, CISM, CRISC, GIAC, OSCP) are highly desirable.

• Minimum 8–10 years of experience in cybersecurity, with at least 3 years in a leadership role.

Our commitment to Equality, Diversity & Inclusion 

Unilever embraces diversity and encourages applicants from all walks of life This means giving full and fair consideration to all applicants and continuing development of all employees regardless of age, disability, gender reassignment, race, religion or belief, sex, sexual orientation, marriage and civil partnership, and pregnancy and maternity.

Note: "All official offers from Unilever are issued only via our Applicant Tracking System (ATS). Offers from individuals or unofficial sources may be fraudulent—please verify before proceeding."