Threat and Vulnerability Management Head
| Position Summary: The Head of Threat and Vulnerability Management will lead the organization's efforts to identify, assess, and mitigate security threats and vulnerabilities. This role will be responsible for overseeing internal and external penetration testing (PT), red teaming exercises, vulnerability management, system hardening, and application and API security. The ideal candidate will have a strong technical background, leadership experience, and a strategic vision for improving the organization’s security posture. Key Responsibilities: 1. Leadership and Strategy: Develop and implement a comprehensive threat and vulnerability management strategy. Lead and manage a team of security professionals, providing guidance, mentorship, and performance evaluations. Collaborate with other departments to integrate security best practices into all business processes. 2. Penetration Testing and Red Teaming: Plan, execute, and oversee internal and external penetration tests and red team exercises. Identify vulnerabilities and weaknesses in systems, networks, and applications. Develop and present detailed reports on findings, including risk assessments and recommendations for remediation. 3. Vulnerability Management: Establish and maintain a robust vulnerability management program. Identify and reconcile the scope of vulnerability assessment Conduct regular vulnerability assessments and scans. Track and prioritize vulnerabilities for remediation based on risk and impact. Work with IT and development teams to ensure timely and effective vulnerability remediation. Ensure 100% coverage of assets for vulnerability assessment 4. System Hardening: Develop and implement system hardening guidelines and best practices. Ensure all systems are configured securely and in compliance with industry standards and regulatory requirements. Conduct regular audits to verify compliance and identify areas for improvement. 5. Application and API Security: Lead efforts to secure applications and APIs throughout the development lifecycle. Collaborate with development teams to integrate security into the software development process. Conduct code reviews, security testing, and vulnerability assessments of applications and APIs. Reconcile and ensure 100% coverage of applications and APIs for vulnerability assessment 6. Third party Cyber Risk management Establish and maintain a robust vulnerability remediation identified by third parties Lead efforts to secure organisation external interface and support mitigate risks from the TPRM view Ensure complete coverage of Organisation external IT infrastructure by these third party scanners Qualifications: Bachelor's degree in computer science, Information Security, or a related field. Master’s degree preferred. Minimum of 15-18 years of experience in information security, with at least 5 years in a leadership role. Strong technical expertise in penetration testing, red teaming, vulnerability management, system hardening, and application security. Relevant certifications such as CISSP, CISM, OSCP, CEH, or similar. Excellent understanding of security frameworks and standards (e.g., NIST, ISO 27001, OWASP). Proven ability to lead and manage a team of security professionals. Strong analytical, problem-solving, and decision-making skills. Excellent communication and interpersonal skills. Preferred Skills: Experience with security tools and technologies (e.g., SIEM, IDS/IPS, vulnerability scanners, etc.). Knowledge of regulatory requirements and industry standards (e.g., GDPR, HIPAA, PCI-DSS). Familiarity with cloud security, container security and DevSecOps practices. |
Key job details
About Virtusa
Teamwork, quality of life, professional and personal development: values that Virtusa is proud to embody. When you join us, you join a team of 36,000 people globally that cares about your growth — one that seeks to provide you with exciting projects, opportunities and work with state of the art technologies throughout your career with us.
Great minds, great potential: it all comes together at Virtusa. We value collaboration and the team environment of our company, and seek to provide great minds with a dynamic place to nurture new ideas and foster excellence.
Virtusa is an Equal Opportunity Employer. All applicants will receive fair and impartial treatment without regard to race, color, religion, sex, national origin, ancestry, age, legally protected physical or mental disability, protected veteran status, status in the U.S. uniformed services, sexual orientation, gender identity or expression, marital status, genetic information or on any other basis which is protected under applicable federal, state or local law.
Applicants may be required to attend interviews in person or by video conference. In addition, candidates may be required to present their current state or government-issued ID during each interview. All candidates must be authorized to work in the USA.
Learn more
Awards and recognition
Syncing your Virtusa Information
Syncing Complete
Exporting your personal Virtusa brand items
Export Complete
Check your downloads folder for files and implementation instructions.
Assets are now available in your profile for future editing and use.
Loading your existing headshots
Please select any one of the images below
Downloading Secure Assets
Signing out