Vulnerability Management Analyst

Position Description:

Title: Vulnerability Management Analyst L3
Location: Bangalore/Hyderabad/Chennai/Mumbai/Pune
Shift: European working hours
Skills: Cybersecurity Vulnerability Management Vulnerability Assessment CVSS scoring system Power BI Proficiency in any scripting language

The Vulnerability Management Analyst L3is a key member of the Vulnerability and Assurance Team as part of the Global Security Information Security & Architecture Center of Expertise contributing to the development enhancement and delivery of CGIs Vulnerability Management Program. This role requires advanced cybersecurity expertise including deep knowledge of networking fundamentals modern threats and vulnerabilities attack techniques threat actors and vulnerability management practices. The Analyst must be capable of conveying technical information clearly and effectively to non-technical business stakeholders both verbally and in writing.
The individual will perform security assessments across various corporate and vendor solutions within the scope of CGIs Internal and Shared Services.
This role can be located in any CGI Office in the following locations: Europe or Asia
KEY RESPONSIBILITIES
Operations

. Provide expert analysis of vulnerabilities identified through scanning tools.
. Collaborate with global teams including security architecture penetration testing application development and Risk Officers.
. Collect evaluate and classify threat indicators.
. Deliver security advisory services to business and project stakeholders supporting risk remediation documenting and tracking risks and enabling risk-based decision making aligned with CGIs objectives.
. Review and define requirements for information security solutions.
. Develop and Maintain Vulnerability Management processes.

Vulnerability Management

. Monitor identify and assess security vulnerability advisories from multiple vendors.
. Prioritize discovered vulnerabilities and establish remediation timelines
. Work closely with team members to maintain documentation of vulnerability management procedures.
. Develop risk-based mitigation strategies for networks operating systems and applications
. Lead regular and ad-hoc vulnerability assessments including analysis and validation.
. Collaborate with stakeholders and Red Team researchers to prioritize remediation and reduce attack exposure

Reporting

. Produce reports and recommendations based on vulnerability analysis.
. Prepare detailed management-level vulnerability reports.
. Track vulnerabilities and remediation outcomes to measure program effectiveness.
. Define and develop metrics to improve vulnerability management capabilities.

Service Management

. Partner with Global Security teams to configure baselines within assurance monitoring tools.
. Contribute to the enhancement of security and assurance monitoring tools as needed.
. Provide expert support on functional requests.
. Develop and maintain findings analysis for executive-level reporting.

EDUCATION

. Bachelors degree (preferred): Cybersecurity Computer Science Information Systems or a closely related technical field.
. Equivalent experience: Handson work in vulnerability management exposure management threat analysis or security engineering will be considered in place of a degree.
. Masters degree: A plus not required.

CERTIFICATIONS (Preferred but not required)
Candidates with one or more relevant cybersecurity certifications are preferred. Examples include:

. Vulnerability Management & Threat Intelligence: GCVP CySA GCTI
. General Security & Governance: CISSP CCSP CISM CRISC
. Cloud Security: AWS Certified Security Specialty; Microsoft Azure Security Engineer (AZ500) or Security Operations Analyst (SC200); Google Professional Cloud Security Engineer
. Offensive Security & Penetration Testing (Optional/Bonus): OSCP GPEN GXPN GWAPT.

Equivalent practical experience in vulnerability assessment exposure management threat analysis or security operations may substitute for formal certifications.
EXPERIENCE

. 5 years of experience in cybersecurity including at least 2 years in vulnerability management.
. Hands-on experience with vulnerability management tools such as Rapid7 Qualys Tenable or similar scanning platforms.
. Experience in cloud vulnerability management
. Proficiency in one or more scripting languages (e.g. Python PowerShell Ruby).
. Understanding of advanced persistent threats (APT).
. Strong knowledge of application network and operating system security concepts.
. Experience with PowerBi or RSA Archer.
. Familiarity with CVSS scoring for vulnerability evaluation and prioritization.
. Knowledge of cyber security frameworks such as CIS Benchmarks and NIST.
. Strong understanding of cyber security and risk management best practices

KEY SKILLS AND COMPETENCIES

. Excellent written and verbal communication skills in English; French is an asset.
. Ability to produce high-quality technical reports and remediation guidance tailored to diverse audiences.
. Self-motivated autonomous and proactive.
. Proven ability to collaborate effectively with cross-functional and virtual teams.
. Willingness to travel internationally up to 10% as required.
. Detail-oriented organized and methodical with strong follow-up and analytical skills.
. Ability to quickly learn new technologies.
. Adaptability to dynamic and evolving environments.

Skills:

• English
• Network
• Threat Risk Assessment
• Vulnerability Management(IAVM)
• CompTIA Cybersecurity Analyst
• French
• Offensive Security Cert Prof
• Offensive Security Cert Prof

What you can expect from us:

Together as owners lets turn meaningful insights into action.

Life at CGI is rooted in ownership teamwork respect and belonging. Here youll reach your full potential because

You are invited to be an owner from day 1 as we work together to bring our Dream to life. Thats why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our companys strategy and direction.

Your work creates value. Youll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas embrace new opportunities and benefit from expansive industry and technology expertise.

Youll shape your career by joining a company built to grow and last. Youll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

Come join our teamone of the largest IT and business consulting services firms in the world.