Vulnerability Assessment & Threat Management – L3

Position Description:

Company Profile:
Founded in 1976 CGI is among the largest independent IT and business consulting services firms in the world. With 94000 consultants and professionals across the globe CGI delivers an end-to-end portfolio of capabilities from strategic IT and business consulting to systems integration managed IT and business process services and intellectual property solutions. CGI works with clients through a local relationship model complemented by a global delivery network that helps clients digitally transform their organizations and accelerate results. CGI Fiscal 2024 reported revenue is CA$14.68 billion and CGI shares are listed on the TSX (GIB.A) and the NYSE (GIB). Learn more at .

Job Title: Vulnerability Assessment & Threat Management L3

Position: SSE

Experience: 7 yrs

Category: IT Infrastructure

Main location: Bangalore Chennai Hyderabad Pune

Position ID: J1225-2135

Employment Type: Full Time

Qualification: Bachelors degree in Computer Science or related field or higher with minimum 6 years of relevant experience.

Vulnerability Assessment & Threat Management L3

Employment Type: Full Time

Location : Bangalore/Chennai/Hyderabad/Pune

Role Overview:

The VA & Threat Management L3 Specialist is responsible for leading enterprise vulnerability assessment threat detection and remediation programs. This role ensures proactive identification of risks drives mitigation strategies and provides advanced expertise in protecting IT infrastructure applications and data against evolving cyber threats.

Key Responsibilities
- Vulnerability Assessment & Management
- Lead enterprise vulnerability scanning and assessment programs across infrastructure applications and cloud environments.
- Prioritize vulnerabilities based on risk exploitability and business impact.
- Coordinate remediation activities with infrastructure application and DevOps teams.
- Threat Intelligence & Monitoring
- Integrate global threat intelligence feeds into security operations.
- Analyze emerging threats attack vectors and vulnerabilities to recommend proactive defenses.
- Collaborate with SOC teams to enhance detection and response capabilities.
- Incident Response & Risk Mitigation
- Act as escalation point for critical vulnerabilities and threat incidents.
- Support forensic investigations and root cause analysis of security breaches.
- Develop playbooks for vulnerability remediation and threat containment.
- Governance & Compliance
- Define and enforce vulnerability management policies standards and procedures.
- Ensure compliance with regulatory frameworks (ISO 27001 NIST PCI DSS GDPR HIPAA).
- Provide audit support and maintain risk registers.
- Tools & Technology
- Administer and optimize VA and threat management tools (Qualys Tenable Rapid7 CrowdStrike Palo Alto Splunk).
- Integrate vulnerability data with SIEM CMDB and ITSM platforms for holistic visibility.
- Develop dashboards and reports for leadership and compliance teams.
- Stakeholder Engagement
- Act as SME for vulnerability and threat queries across IT and business units.
- Provide training and awareness sessions to improve security posture.
- Collaborate with vendors regulators and auditors during escalations and reviews.


Required qualifications to be successful in this role
710 years of IT/security experience with at least 35 years in vulnerability and threat management.
- Strong knowledge of vulnerability assessment methodologies penetration testing and threat intelligence.
- Hands on expertise with VA tools (Qualys Tenable Rapid7) and SIEM platforms (Splunk QRadar Sentinel).
- Familiarity with ITIL processes and integration with ITSM tools.
- Excellent analytical communication and stakeholder management skills.
Preferred Qualifications
- CISSP CEH OSCP or equivalent advanced security certifications.
- ITIL v4 certification.
- Experience with cloud security (Azure AWS GCP).
- Exposure to large scale enterprise vulnerability management programs and audits.

Behavioural Competencies :
Proven experience of delivering process efficiencies and improvements
Clear and fluent English (both verbal and written)
Ability to build and maintain efficient working relationships with remote teams
Demonstrate ability to take ownership of and accountability for relevant products and services
Ability to plan prioritize and complete your own work whilst remaining a team player
Willingness to engage with and work in other technologies

CGI is an equal opportunity addition CGI is committed to providing accommodations for people with disabilities in accordance with provincial legislation. Please let us know if you require a reasonable accommodation due to a disability during any aspect of the recruitment process and we will work with you to address your needs.
Life at CGI:
It is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because
You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction
Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise
Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons
Come join our team one of the largest IT and business consulting services firms in the world

Your future duties and responsibilities:

Vulnerability Assessment & Threat Management L3

Employment Type: Full Time

Location : Bangalore/Chennai/Hyderabad/Pune

Role Overview:

The VA & Threat Management L3 Specialist is responsible for leading enterprise vulnerability assessment threat detection and remediation programs. This role ensures proactive identification of risks drives mitigation strategies and provides advanced expertise in protecting IT infrastructure applications and data against evolving cyber threats.

Key Responsibilities
- Vulnerability Assessment & Management
- Lead enterprise vulnerability scanning and assessment programs across infrastructure applications and cloud environments.
- Prioritize vulnerabilities based on risk exploitability and business impact.
- Coordinate remediation activities with infrastructure application and DevOps teams.
- Threat Intelligence & Monitoring
- Integrate global threat intelligence feeds into security operations.
- Analyze emerging threats attack vectors and vulnerabilities to recommend proactive defenses.
- Collaborate with SOC teams to enhance detection and response capabilities.
- Incident Response & Risk Mitigation
- Act as escalation point for critical vulnerabilities and threat incidents.
- Support forensic investigations and root cause analysis of security breaches.
- Develop playbooks for vulnerability remediation and threat containment.
- Governance & Compliance
- Define and enforce vulnerability management policies standards and procedures.
- Ensure compliance with regulatory frameworks (ISO 27001 NIST PCIDSS GDPR HIPAA).
- Provide audit support and maintain risk registers.
- Tools & Technology
- Administer and optimize VA and threat management tools (Qualys Tenable Rapid7 CrowdStrike Palo Alto Splunk).
- Integrate vulnerability data with SIEM CMDB and ITSM platforms for holistic visibility.
- Develop dashboards and reports for leadership and compliance teams.
- Stakeholder Engagement
- Act as SME for vulnerability and threat queries across IT and business units.
- Provide training and awareness sessions to improve security posture.
- Collaborate with vendors regulators and auditors during escalations and reviews.

Required qualifications to be successful in this role:

710 years of IT/security experience with at least 35 years in vulnerability and threat management.
- Strong knowledge of vulnerability assessment methodologies penetration testing and threat intelligence.
- Handson expertise with VA tools (Qualys Tenable Rapid7) and SIEM platforms (Splunk QRadar Sentinel).
- Familiarity with ITIL processes and integration with ITSM tools.
- Excellent analytical communication and stakeholder management skills.
Preferred Qualifications
- CISSP CEH OSCP or equivalent advanced security certifications.
- ITIL v4 certification.
- Experience with cloud security (Azure AWS GCP).
- Exposure to largescale enterprise vulnerability management programs and audits.

#LI-SA19

Skills:

• Incident Management
• Threat Risk Assessment
• Vulnerability Management(IAVM)

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our teamone of the largest IT and business consulting services firms in the world.