3 Tenable Nessus Jobs

Hi, We have 4 open positions for the below role in Mumbai, Secondary location is Pune. Interested candidates can email their updated profiles to [HIDDEN TEXT] alongwith the following details: Current CTC, Expected CTC, Notice period, Preferred location: Mumbai / Pune L3 Vulnerability Management, Risk & Compliance Lead Job Summary: ITCI Cyber Security team is looking for the role which is accountable for leading the organizations end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions. Key Responsibilities: Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking). Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus. Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries. Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams. Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits. Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations. Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions. Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits. Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals. Build and maintain GRC tools and risk registers with role-based access and automated updates. Key Skills & Certifications: 10+ years in cyber risk management, vulnerability assessment, and compliance delivery. Strong experience with Tenable/Nessus, Qualys, and GRC tools. ISO 27001 Lead Auditor, CRISC, or CISA certified. In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines. Strong skills in risk quantification, reporting, and policy enforcement. Show more Show less

L3 Vulnerability Management, Risk & Compliance Lead Location : Mumbai (Andheri East) Mode: Hybird Job Summary: ITCI Cyber Security team is looking for the role which is accountable for leading the organizations end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions. Key Responsibilities: Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking). Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable/Nessus. Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries. Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams. Conduct compliance checks, technical control validations, and support readiness for RBI/SEBI/ISO audits. Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations. Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions. Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits. Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals. Build and maintain GRC tools and risk registers with role-based access and automated updates. Key Skills & Certifications: 10+ years in cyber risk management, vulnerability assessment, and compliance delivery. Strong experience with Tenable/Nessus, Qualys, and GRC tools. ISO 27001 Lead Auditor, CRISC, or CISA certified. In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines. Strong skills in risk quantification, reporting, and policy enforcement. Show more Show less

Role & Responsibilities: Manage, configure, and troubleshoot firewalls (Cisco, Nexus, Fortigate, Palo Alto, Belden Hirschmann). Maintain and secure network infrastructure, ensuring high availability and compliance. Administer systems like Active Directory, VMware, Hyper-V, and Windows Servers. Perform security hardening and patch management for systems and network devices. Deploy and manage endpoint protection tools such as Trellix/McAfee and vulnerability scanners like Tenable Nessus. Monitor and analyze network performance using NMS tools (e.g., WhatsUp Gold). Work with OT security tools such as Nozomi and have awareness of OT environments. Collaborate on SIEM/EDR integration and incident response. Participate in audits, documentation, and adherence to security best practices. Willing to travel based on project requirements. Preferred Candidate Profile: 58 years of hands-on experience in networking and cybersecurity (strong profiles with less experience may be considered). Strong knowledge of firewalls and network security technologies. Proficient in system administration (AD, VMware, Hyper-V). Certified in CCNA, CCNP, CISSP, CEH, or Microsoft certifications. Experience with endpoint protection and vulnerability management tools. Exposure to OT environments, IDS (e.g., Nozomi), and SIEM/EDR tools. Strong analytical, troubleshooting, and documentation skills. Based in or willing to relocate to Mumbai. Let me know if you'd like a more formal or bullet-point version.