Senior Vulnerability Management Analyst

The Senior Vulnerability Management Analyst will be part of the ZS Information Security team based in Pune. In this role, you will lead efforts to identify, analyze, and remediate security vulnerabilities across ZSs infrastructure. You will collaborate with cross-functional teams to drive mitigation strategies, improve vulnerability management processes, and ensure timely resolution of risks. Staying current with evolving threats, technologies, and cloud security trendsincluding CSPM and CNAPPis essential. You will also contribute to enhancing ZSs overall security posture through strategic recommendations, reporting, and process optimization.

What you'll do :

• Analyze and prioritize vulnerabilities from internal scans, pen tests, threat intelligence, and red team exercises across infrastructure and cloud environments.
• Lead coordination efforts with infrastructure, cloud, and application teams to ensure timely remediation and secure configurations.
• Drive continuous improvement of vulnerability management processes through automation, tool optimization, and integrations.
• Develop and present reports and dashboards to leadership, highlighting remediation progress, risk trends, and strategic insights.
• Stay informed on emerging threats, vulnerabilities, and industry best practices to guide infrastructure security strategy.
• Review and maintain SOPs, runbooks, and ISMS documentation to support audit readiness and operational consistency.
• Mentor junior analysts and contribute to team knowledge sharing and capability building.
• Work closely with other security functions to ensure alignment and efficiency across ZSs security operations.
• Leverage AI tools to automate tasks, enhance reporting, and improve vulnerability detection and response.

What you'll bring :

• Bachelors degree in information security, IT, Computer Science, or a related field.
• 46 years of experience in vulnerability management, infrastructure security, or related domains.
• Strong understanding of the vulnerability management lifecycle and cloud environments (AWS, Azure, GCP).
• Hands-on experience with VAPT tools such as Tenable (Nessus), Rapid7, Qualys, Wiz, and open-source alternatives.
• Familiarity with CSPM and CNAPP platforms and their role in cloud security.
• Demonstrated experience in handling security incidents and coordinating remediation efforts.
• Excellent communication, presentation, and stakeholder management skills.
• Ability to translate technical findings into business-relevant insights and recommendations.
• Highly self-motivated, proactive, and capable of working independently or leading small initiatives.
• Flexibility to work late shifts as needed to collaborate with leadership teams based in the United States.
• Industry certifications such as CEH, Security+, or equivalent preferred.