Job Description

Key Responsibilities

1. Vulnerability Management & Scanning

• Manage Qualys agent deployment and lifecycle in collaboration with the IT Asset Management (ITAM) team
• Conduct and govern scheduled vulnerability scans:
  • Weekly internal scans
  • Monthly external scans
• Ensure scan coverage, accuracy, and alignment with organizational policies

2. Remediation Governance & Execution

• Drive wave-based remediation pipeline, including:
  • Planning and prioritization
  • Validation in test environments
  • Defined acceptance criteria before production rollout
• Lead criticality-based remediation strategy:
  • Prioritize Critical → High → Medium vulnerabilities
• Conduct post-remediation validation through Qualys re-scanning

3. Risk & Exception Management

• Manage exceptions and compensating controls with proper documentation and approvals
• Coordinate risk acceptance processes with stakeholders and security leadership
• Ensure audit readiness and compliance with internal and regulatory standards

4. Patch & Compliance Monitoring

• Track and enforce patch compliance across systems
• Publish monthly security posture and compliance reports to the CISO office
• Identify trends, gaps, and improvement areas in patching and vulnerability closure

5. System Hardening & Security Improvements

• Drive hardening initiatives for system images and configurations
• Support manual remediation and configuration-fix workflows where automation is not feasible
• Collaborate with engineering teams to institutionalize secure baselines

6. Segmentation & Security Posture Management

• Implement and manage asset segmentation (Red / Yellow / Green classification)
• Enable lab manager and environment-level security controls
• Establish and maintain audit cadence for continuous improvement

Required Skills & Qualifications

• Strong hands-on experience with Qualys Vulnerability Management platform
• Deep understanding of vulnerability lifecycle management and remediation frameworks
• Experience with patch management, OS hardening, and security configurations
• Knowledge of risk management, exception handling, and compliance reporting
• Familiarity with enterprise IT infrastructure (servers, networks, endpoints)

Preferred Qualifications

• Certifications such as CISSP, CEH, CompTIA Security+, or equivalent
• Experience working with CISO office or security governance teams
• Exposure to audit frameworks (ISO 27001, NIST, CIS benchmarks)

Key Competencies

• Strong analytical and problem-solving ability
• Stakeholder management and cross-functional coordination
• Structured and process-oriented mindset
• Ability to drive execution under tight timelines

At Zensar, we’re “experience-led everything” We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose: Together, we shape experiences for better futures Whether for our clients, our people, or the world around us, this belief powers everything we do. At the heart of our culture is ONE with Client - a set of four core values that reflect who we are and how we work: One Zensar, Nurturing, Empowering, and Client Focus

Part of the $4.8 billion RPG Group, we’re a community of 10,000+ innovators across 30+ global locations, including Milpitas, Seattle, Princeton, Cape Town, London, Zurich, Singapore, and Mexico City. Explore Life at Zensar and join us to Grow. Own. Achieve. Learn. to be the best version of yourself.

We believe the best work happens when individuality is celebrated, growth is encouraged, and well-being is prioritized. We are an equal employment opportunity (EEO) and affirmative action employer, committed to creating an inclusive workplace. All qualified applicants will be considered without regard to race, creed, color, ancestry, religion, sex, national origin, citizenship, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veteran status.