Job Description

The Associate, Cybersecurity Posture Management supports the day-to-day operations and continuous improvement of Revantage's security posture programs, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), vulnerability management, identity and access governance, third-party cyber risk, and security awareness. The role works closely with infrastructure, engineering, and business teams across NA, EU, and APAC to identify risks, drive remediation, and maintain compliance with security policies and standards.

CORE RESPONSIBILITIES

1. Cloud Security Posture Management (CSPM)

• Administer and operate the CSPM toolset (Wiz) to continuously monitor cloud environments for misconfigurations and compliance gaps.
• Prioritize and assign vulnerability findings by category and severity to the infrastructure team; track remediation to closure.
• Discover and integrate additional tools with the CSPM platform to enhance coverage and automated remediation.
• Maintain policies, procedures, and governance documentation for CSPM operations.
  

2. SaaS Security Posture Management (SSPM)

• Administer and operate the SSPM toolset (Adaptive Shield) to assess and improve SaaS application security posture.
• Configure reports, rules, and notification workflows for critical vulnerabilities; prioritize findings and assign to infrastructure teams.
• Identify and remediate dormant users and misconfigured SaaS permissions.
• Produce and distribute regular security posture reports to stakeholders.

3. Vulnerability Management

• Administer the vulnerability management program: scan scheduling, findings review, and remediation assignment to infrastructure teams.
• Categorize and prioritize vulnerabilities by risk and business impact; track progress against SLAs.
• Maintain vulnerability management policies, procedures, and metrics reporting.

4. Identity & Access Governance

• Maintain policies and procedures for identity and access governance; ensure access controls are in place and regularly reviewed.
• Administer the access recertification process: maintain reviewer assignments and execute timely campaigns.
• Run IAM reports to identify and clean up unused accounts, stale groups, and over-privileged access.
• Represent Information Security in annual external audits and provide required evidence.

5. Third-Party Cyber Risk Management

• Operate the Third-Party Cyber Risk Management program: conduct vendor risk assessments, implement mitigation strategies, and monitor compliance.
• Collaborate with procurement and legal teams to ensure security requirements are embedded in contracts and third-party agreements.
• Perform annual reviews of provider SOC reports and document findings for audit purposes.
• Work with Revantage and portfolio company IT teams to coordinate third-party remediation efforts.

6. Security Awareness Training

• Administer and maintain the KnowBe4 security awareness training platform.
• Develop and deliver engaging awareness programs reflecting current threats and organizational risk priorities.
• Track and report training completion rates and campaign effectiveness to leadership.
• Continuously update training content to reflect the latest threat landscape and regulatory guidance.

7. DLP, Insider Threat & Security Monitoring

• Monitor DLP and Insider Threat Management systems; investigate and respond to alerts in accordance with policy.
• Monitor systems for anomalous behavior and implement preventive controls in collaboration with engineering teams.
• Participate in the change control process for security-related changes.

8. Operational & Administrative

• Respond to ServiceNow security tickets, troubleshoot issues, and drive resolution within SLA.
• Develop and maintain scripts (PowerShell, Python) for security administrative and automation purposes.
• Maintain secure, resilient enterprise-grade cloud processes in collaboration with architects and system engineers.
• Stay current on evolving threats, regulatory requirements, and security industry best practices; apply learnings across program areas.
• Participate in on-call duties during assigned periods.

REQUIRED QUALIFICATIONS

• Bachelor's degree in Computer Science, Information Assurance, MIS, or related field — or equivalent industry experience.
• Minimum 2 years of experience in security and systems administration with Azure cloud infrastructure (SaaS, IaaS, PaaS).
• Solid experience administering Windows operating systems and the Microsoft Azure cloud ecosystem including PowerShell.
• Working knowledge of Microsoft 365 productivity tools and Power BI for reporting and metrics dashboards.
• Excellent verbal and written communication skills; ability to translate technical findings for non-technical stakeholders.

PREFERRED QUALIFICATIONS

• Hands-on experience with Wiz (CSPM), Adaptive Shield (SSPM), Veza (identity governance), or similar toolsets.
• Experience with Microsoft Defender suite and Microsoft Sentinel.
• Familiarity with Linux administration and Python scripting.
• Experience across additional cloud ecosystems (AWS, GCP).

EDUCATION & CERTIFICATIONS

• Bachelor's degree in Computer Science, Information Security, or equivalent practical experience.
• Relevant certifications preferred: CCSP, CISSP, Azure Security Engineer Associate, or equivalent.

SUCCESS MEASURES

• Timely identification and remediation of CSPM and SSPM findings, with clear metrics reporting.
• High third-party risk assessment completion rates and audit-ready documentation.
• Security awareness training completion rates meeting or exceeding organizational targets.
• Clean IAM hygiene: reduced stale accounts, timely recertification cycles, and access compliance.
• ServiceNow ticket SLA compliance and high-quality resolution documentation.

Job Applicant Privacy Notice

EEO Statement

The Company is an equal opportunity employer. In accordance with applicable law, we prohibit discrimination against any applicant, employee, or other covered person based on any legally recognized basis, including, but not limited to: veteran status, uniformed servicemember status, race, color, caste, immigration status, religion, religious creed (including religious dress and grooming practices), sex, gender, gender expression, gender identity, marital status, sexual orientation, pregnancy (including childbirth, lactation or related medical conditions), age, national origin or ancestry, citizenship, physical or mental disability, genetic information (including testing and characteristics), protected leave status, domestic violence victim status, or any other consideration protected by federal, state or local law. We are committed to providing reasonable accommodations, if you need an accommodation to complete the application process, please email TalentAcquisitionIndia@revantage.com