Join Deloitte Cyber to help clients identify, assess, and reduce exposure across their digital environment. As a Manager, you will lead vulnerability management and attack surface management efforts by driving program execution, improving visibility into asset risk, and helping stakeholders prioritize remediation actions. You will work with global teams, enterprise security tools, and reporting frameworks to strengthen cyber situational awareness and support resilient operations.
Work you'll do
As a Manager on the Cyber Defense & Resilience team, you will be responsible for…
- Lead the design, implementation, and day-to-day management of vulnerability management activities across client environments
- Develop and maintain policies, standards, procedures, and reporting processes for vulnerability assessment, prioritization, and remediation
- Oversee scanning, testing, and analysis activities using enterprise tools to identify vulnerabilities, rogue assets, and exposure trends
- Communicate risk posture, remediation progress, and key metrics to technical teams, business stakeholders, and leadership
- Drive continuous improvement by identifying asset data gaps, supporting program reporting, and advancing the vulnerability management roadmap
The team
Cyber Defense & Resilience teams assist clients in identifying, prioritizing, and remediating vulnerabilities across their digital ecosystem through robust Attack Surface Management (ASM). By continuously monitoring client environments—networks, applications, cloud assets, and endpoints—they proactively uncover potential exposure points before threat actors can exploit them. Attack Surface Management (ASM) is a foundational capability within the Cyber Defense & Resilience portfolio, enabling proactive identification and mitigation of security vulnerabilities across an organization’s digital landscape.
Location: Bengaluru/Hyderabad/Pune/Chennai
Shift Timings: General
Qualifications
Required:
- 9+ years of experience in vulnerability management, information security, application security, or technical cybersecurity roles
- Bachelor’s degree in Computer Science or equivalent experience
- Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst (GCIA), or GIAC Continuous Monitoring Certification (GMON)
- Experience designing or managing vulnerability management programs
- Experience conducting vulnerability analysis using Qualys, Tenable, Rapid7, or similar tools
- Experience with networking protocols, including Transmission Control Protocol/Internet Protocol (TCP/IP), Domain Name System (DNS), and Hypertext Transfer Protocol (HTTP)
- Experience using Common Vulnerabilities and Exposures (CVE) and Common Vulnerability Scoring System (CVSS) frameworks
Preferred:
- Experience developing metrics, dashboards, or executive reporting on vulnerability status and remediation progress
- Experience with asset provisioning or deprovisioning lifecycle processes
- Experience with patch management tools such as Microsoft Intune or Red Hat Satellite
- Experience analyzing malicious code activity, distributed denial of service (DDoS), or network scanning activity
- Experience with Confluence, Jira, or Configuration Management Databases (CMDBs) such as ServiceNow
- Experience with databases, query design, or data analysis
#Cyber_Defense & Resilience