Lead / Sr. Lead, Vulnerability & Risk Management

No Relocation Assistance Offered
Job Number # Mumbai, Maharashtra, India

Who We Are

Colgate-Palmolive Company is a global consumer products company operating in over 200 countries specializing in Oral Care, Personal Care, Home Care, Skin Care, and Pet Nutrition. Our products are trusted in more households than any other brand in the world, making us a household name

Join Colgate-Palmolive, a caring, innovative growth company reimagining a healthier future for people, their pets, and our planet. Guided by our core values—Caring, Inclusive, and Courageous—we foster a culture that inspires our people to achieve common goals. Together, let's build a brighter, healthier future for all.
 

Vulnerability Operations Analyst 

Brief introduction - Role Summary/Purpose

Colgate-Palmolive is seeking an experienced Vulnerability Operations Analyst with a strong focus on cloud security and architecture to join our dynamic team. You will be instrumental in monitoring, detecting, analyzing, responding to, and remediating emerging vulnerabilities, particularly within our cloud infrastructures. This role requires close collaboration with various business areas and our Global Information Technology teams worldwide. You should have profound expertise in Windows, Linux, Mac OS, and cloud security, along with proficiency in vulnerability scanning, networking, and endpoint security technologies.

In this role, you will manage vulnerabilities, respond to alerts, and ensure our cloud environments, including AWS and GCP, are fortified against emerging threats. You will lead global vulnerability assessments and prioritize strategies for remediation, aligning with our overall program directives. Direct interaction with the Director of Global Security Operations and the CISO will be essential, providing a critical opportunity to safeguard Colgate-Palmolive's global infrastructure against risks.

Main Responsibilities:

• Advise on design to aid the implementation of robust cloud security architecture solutions to protect assets deployed on AWS and GCP.

• Conduct comprehensive vulnerability assessments and manage vulnerability scanning processes, with a focus on cloud security best practices.

• Collaborate with cross-functional teams to remediate identified cloud vulnerabilities, minimizing operational impact.

• Monitor and analyze cloud-based vulnerabilities, proactively addressing security risks and trends within cloud environments.

• Develop strategies for cloud vulnerability prioritization and remediation based on potential impact assessments.

• Optimize and manage cloud-based vulnerability management tools and security platforms.

• Generate thorough reports detailing cloud vulnerability assessments and remediation actions, tailored for technical and non-technical audiences.

• Maintain and document cloud security processes and standards, ensuring alignment with global cybersecurity policies.

• Engage in continuous research to stay ahead of emerging cloud threats and vulnerabilities.

• Provide guidance and mentorship to junior team members in cloud security practices.

• Ensure seamless integration of security measures in cloud infrastructures through effective change management processes.

Required Qualifications:

• Bachelor's/Master's degree in Computer Science, Information Systems, Cybersecurity, or equivalent field experience.

• Certifications including CompTIA Security+, CISSP, CCSP, AWS Certified Security, Google Professional Cloud Security Engineer.

• 3-5 years of dedicated experience in cloud security, cloud architecture, vulnerability management, or a related field.

• High proficiency with cloud security tools and platforms (e.g., AWS Security Hub, Google Cloud Security Command Center, Azure Security Center).

• In-depth understanding of cloud-native security controls and shared responsibility models.

• Strong familiarity with cybersecurity frameworks (e.g., NIST, ISO and their application in cloud services.

• Proven ability to communicate complex security concepts to both technical and executive audiences.

• Experience with DevSecOps practices and integrating security into CI/CD pipelines.

• Expertise in containerization security, specifically Docker and Kubernetes, and understanding their integration with cloud systems.

• Exceptional analytical skills with a proactive approach to identifying and mitigating security risks.

• Ability to work in a matrixed global team setting, demonstrating leadership and initiative.

Preferred Qualifications:

• Extensive experience in a large-scale, global enterprise setting with diverse cloud infrastructures.

• Advanced knowledge of programming and scripting languages like Python, Bash, or PowerShell for cloud automation and security tasks.

• Familiarity with modern endpoint and network security solutions in cloud environments.

• Demonstrated ability to interpret complex cybersecurity regulations and apply them effectively within cloud environments.

• Strong interpersonal skills and the ability to train and mentor junior security team members.

Our Commitment to Inclusion
Our journey begins with our people—developing strong talent with diverse backgrounds and perspectives  to best serve our consumers around the world and fostering an inclusive environment where everyone feels a true sense of belonging. We are dedicated to ensuring that each individual can be their authentic self, is treated with respect, and is empowered by leadership to contribute meaningfully to our business.

Equal Opportunity Employer
Colgate is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity, sexual orientation, national origin, ethnicity, age, disability, marital status, veteran status (United States positions), or any other characteristic protected by law.

Reasonable accommodation during the application process is available for persons with disabilities. Please complete this request form should you require accommodation.

#LI-Hybrid