Virtusa

Threat and Vulnerability Management Head

Posted On

Dec. 9, 2024

Location

Bangalore, Karnataka

Experience Level

Full Time

Job Type

Experienced

Apply By

Jan. 22, 2025

Job Description

Position Summary:
The Head of Threat and Vulnerability Management will lead the organization's efforts to identify, assess, and mitigate security threats and vulnerabilities. This role will be responsible for overseeing internal and external penetration testing (PT), red teaming exercises, vulnerability management, system hardening, and application and API security. The ideal candidate will have a strong technical background, leadership experience, and a strategic vision for improving the organization’s security posture.

Key Responsibilities:
1. Leadership and Strategy:
Develop and implement a comprehensive threat and vulnerability management strategy.
Lead and manage a team of security professionals, providing guidance, mentorship, and performance evaluations.
Collaborate with other departments to integrate security best practices into all business processes.

2. Penetration Testing and Red Teaming:
Plan, execute, and oversee internal and external penetration tests and red team exercises.
Identify vulnerabilities and weaknesses in systems, networks, and applications.
Develop and present detailed reports on findings, including risk assessments and recommendations for remediation.

3. Vulnerability Management:
Establish and maintain a robust vulnerability management program.
Identify and reconcile the scope of vulnerability assessment
Conduct regular vulnerability assessments and scans.
Track and prioritize vulnerabilities for remediation based on risk and impact.
Work with IT and development teams to ensure timely and effective vulnerability remediation.
Ensure 100% coverage of assets for vulnerability assessment

4. System Hardening:
Develop and implement system hardening guidelines and best practices.
Ensure all systems are configured securely and in compliance with industry standards and regulatory requirements.
Conduct regular audits to verify compliance and identify areas for improvement.

5. Application and API Security:
Lead efforts to secure applications and APIs throughout the development lifecycle.
Collaborate with development teams to integrate security into the software development process.
Conduct code reviews, security testing, and vulnerability assessments of applications and APIs.
Reconcile and ensure 100% coverage of applications and APIs for vulnerability assessment

6. Third party Cyber Risk management
Establish and maintain a robust vulnerability remediation identified by third parties
Lead efforts to secure organisation external interface and support mitigate risks from the TPRM view
Ensure complete coverage of Organisation external IT infrastructure by these third party scanners

Qualifications:
Bachelor's degree in computer science, Information Security, or a related field. Master’s degree preferred.
Minimum of 15-18 years of experience in information security, with at least 5 years in a leadership role.
Strong technical expertise in penetration testing, red teaming, vulnerability management, system hardening, and application security.
Relevant certifications such as CISSP, CISM, OSCP, CEH, or similar.
Excellent understanding of security frameworks and standards (e.g., NIST, ISO 27001, OWASP).
Proven ability to lead and manage a team of security professionals.
Strong analytical, problem-solving, and decision-making skills.
Excellent communication and interpersonal skills.

Preferred Skills:
Experience with security tools and technologies (e.g., SIEM, IDS/IPS, vulnerability scanners, etc.).
Knowledge of regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS).
Familiarity with cloud security, container security and DevSecOps practices.

Jobs at Bangalore

Infosys

Data Scientist

9 - 11 Years Exp.

Bangalore, Karnataka

Threat and Vulnerability Management Head Apply Now

Job Description

Jobs at Bangalore

More Jobs at Virtusa

Actively Recruiting Companies at Bangalore, Karnataka

Threat and Vulnerability Management Head