IS Operations Manager Vulnerability Management (Infra VM)

Your role and responsibilities

In this role, you will have the opportunity to lead the global operations of ABBs Vulnerability Management Services (VMS), ensuring that all in-scope assets are scanned and remediated in alignment with ABBs security policies and standards. Each day, you will play a crucial role in protecting ABBs digital infrastructure by managing scanning tools, defining scanning policies, and coordinating with stakeholders to ensure the timely resolution of vulnerabilities.

This role contributes to the IS Information Security Function in India.

Key Responsibilities - You will be mainly accountable for:

• Ensure all ABB IS systems and assets are regularly scanned using the appropriate tools, scanning profiles, and authentication methods to deliver accurate and comprehensive vulnerability assessments aligned with the defined service scope.
• Take full ownership of vulnerability remediation efforts by coordinating with internal stakeholders, including IS service owners, technology teams, and external partners, to ensure the timely resolution of identified issues.
• Lead and manage the Vulnerability Management Services (VMS) team, ensuring complete asset coverage, effective stakeholder support, and adherence to ABBs global Infosec policies and standards.
• Oversee the functionality, availability, and configuration of VMS tools, particularly within the Qualys platform, ensuring scanning policies are properly maintained and aligned with service documentation and compliance requirements.
• Provide expert guidance and support for reporting and analysis initiatives within Information Security services, collaborating closely with the Master Data team and Business Area stakeholders.
• Define use cases for managing false positive detections and continuously work to reduce them, enhancing visibility and accuracy. Act as the central point of contact for all communications related to Vulnerability Management Services (VMS), including access requests and stakeholder updates.

Qualifications for the role

• A Bachelors or Masters degree in Information Technology, Computer Science, Software Engineering, or a related field, or equivalent practical experience.
• 10+ years of experience in Information Security, with a strong background in security operations, network/software security, and data analysis.
• 4+ years of hands-on experience in Vulnerability Management, with deep expertise in security configuration and hardening across:
• Operating Systems: Windows (all versions), UNIX/Linux (RedHat, CentOS, AIX, SUSE, Solaris, Ubuntu management skills, with fluency in English (spoken and
• Certifications required: ITIL V4 Foundation
• Preferred certification: CISM, CISSP, ISO 27001, related certification