As a Consultant at Deloitte Consulting, you will support end-to-end vulnerability management engagements, assisting in the identification, assessment, prioritization, and remediation tracking of security vulnerabilities across client environments. You will work alongside senior practitioners and cross-functional teams to deliver high-quality outcomes, leveraging both traditional VM tooling and emerging Anthropic / Agentic AI capabilities to accelerate threat detection and response.
Work you'll do
As a Consultant on the Cyber Operate team, you will be responsible for supporting vulnerability management operations across client environments.
- Support vulnerability scanning, assessment, and reporting activities across on-premises, cloud, and hybrid environments.
- Assist in triaging and prioritizing vulnerabilities using Common Vulnerability Scoring System, Exploit Prediction Scoring System, threat intelligence context, and asset criticality.
- Operate and maintain vulnerability management platforms such as RiskSense, ServiceNow Vulnerability Response, Tenable, Qualys, Rapid7, and Prisma Cloud.
- Contribute to automation pipelines that integrate vulnerability feeds, asset inventory, and ticketing platforms, and maintain remediation dashboards and registers.
- Collaborate with client and internal teams to document findings, support workshops, develop playbooks, and correlate vulnerability data with active threat intelligence.
The team
Cyber Operate teams manage clients' critical cyber assets either as a fully managed service or in partnership with clients. They deliver skilled talent, cutting-edge technologies, and robust processes to operate client cyber capabilities. This includes managing the identity lifecycle, security operations, threat intelligence, application security, business transformation, and ensuring continuous compliance. Services include Cyber-as-a-Service, Managed Application Security, and Managed Extended Detect & Respond (MXDR).
Location: Bengaluru / Hyderabad / Pune / Chennai
Shift Timings: 2:00 PM to 11:00 PM IST, with flexibility required based on client expectations, engagement demands, time zone coverage, on-call support, and after-hours operational needs
Qualifications
Required:
- 3-6 years of experience in cybersecurity with hands-on exposure to vulnerability management or security operations
- Experience with vulnerability management platforms such as RiskSense, ServiceNow Vulnerability Response, Armis VIPR, Tenable.sc, Nessus, Qualys, Rapid7 InsightVM, or Prisma Cloud
- Understanding of the vulnerability lifecycle, including scanning, triage, prioritization, remediation tracking, and closure verification
- Understanding of common vulnerability frameworks, including Common Vulnerability and Exposures, Common Vulnerability Scoring System, Exploit Prediction Scoring System, MITRE ATT&CK, and National Vulnerability Database
- Familiarity with cloud platforms such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform, and container security scanning fundamentals
- Experience supporting vulnerability reporting, remediation tracking, or security operations activities in a client delivery environment
- Bachelor’s degree in Computer Science, Cyber Security, Information Security, Engineering, Information Technology, or equivalent
Preferred:
- Familiarity with Anthropic Claude application programming interfaces or similar large language model platforms for security workflow automation
- Exposure to security orchestration, automation, and response platforms such as Splunk SOAR or Palo Alto XSOAR
- Certifications such as CompTIA Security+, Certified Ethical Hacker, Tenable Certified, or Qualys Certified Specialist
- Familiarity with security information and event management platforms such as Splunk or Microsoft Sentinel