We are seeking an experienced Vulnerability Management Consultant to lead security risk assessments, vulnerability analysis, and control design across infrastructure, cloud, and applications. The role is fully onsite and requires strong technical and regulatory knowledge.
Roles and Responsibilities
- Assess and review project designs for security risks; recommend controls and mitigations.
- Conduct risk assessments across applications, networks, systems, and vendors (SaaS/PaaS/IaaS).
- Translate compliance requirements (ISO 27001, SOX, SOC1/2) into security controls.
- Review VAPT results; prioritize and advise on remediation.
- Track, classify, and report risks in line with IRM standards.
- Work with cross-functional teams to implement and validate security controls.
- Support security governance and reporting.
Required Skills
- Strong knowledge of cloud (SaaS, PaaS, IaaS) and on-prem infrastructure security
- Experience with Qualys, Rapid7, Tenable.io, Nessus
- Familiarity with ServiceNow, ITSM, CMDB
- Understanding of OWASP Top 10, DevSecOps, IAM, network/data/endpoint security
- BCP & DR knowledge (ISO 22301, ISO 27005)
Qualifications
- Bachelor's/Master's in InfoSec, Engineering, or related field
- Preferred Certifications: ISO 27001 Lead Auditor/Implementor, CISSP, CISA, CISM, CRISC
- Strong communication, stakeholder engagement, and Agile project experience