Senior Vulnerability Management Engineer

Location: Bangalore, India (Hybrid 3 days per week in office)

Department: Security Engineering Vulnerability Management

Experience Required: 12+ years in Security / Vulnerability Management

Role Type: Full-Time

About the Role

Omnissa is seeking a Senior Vulnerability Management Engineer (P5) to drive our global exposure management strategy. This expert-level role defines how Omnissa discovers, prioritizes, and remediates vulnerabilities across cloud, container, and traditional infrastructure environments.

As a Sr. Vulnerability Management Engineer, you will design enterprise-wide prioritization frameworks, define SLAs and accountability models, and partner directly with senior engineering and security leaders. You will unify Cloud-Native security (Wiz), traditional infrastructure scanning (Tenable), and remediation orchestration (Seemplicity) into a cohesive, scalable vulnerability management program.

This role is ideal for someone who wants to influence technical direction, mentor teams, own risk-reduction outcomes, and operate at the intersection of cloud, infrastructure, and engineering workflows.

Key Responsibilities

Hybrid Exposure Management

• Own and evolve the vulnerability discovery and exposure model across Omnissas hybrid environment.
• Use Wiz for cloud, container, Kubernetes, and serverless risk identification.
• Use Tenable (io/sc) for deep infrastructure and endpoint scanning.
• Maintain unified risk scoring, deduplication logic, and visibility across all data sources.

Remediation Operations (RemOps)

• Use Seemplicity as the centralized platform for routing, deduplication, normalization, and remediation workflows.
• Ensure engineering teams only receive prioritized, actionable findings.
• Develop and maintain enterprise-level remediation SLAs, exception processes, and escalation paths.

Developer Workflow & Automation

• Integrate vulnerability checks into GitHub pipelines (Actions, Security Tab).
• Manage automated Jira ticket creation, assignment, and status synchronization.
• Build automation using Python or PowerShell to exchange data across APIs (Wiz, Tenable, Seemplicity, GitHub, Jira).

Cross-Functional Collaboration

• Act as the primary technical Vulnerability Management partner for India-based engineering teams.
• Provide clear remediation guidance for cloud misconfigurations, Kubernetes and container best practices, and Windows/Linux hardening.
• Drive accountability and influence remediation strategy across multiple engineering groups.

Reporting, Metrics, and Leadership Visibility

• Create dashboards to measure MTTR, SLA compliance, and exposure trends across business units.
• Present risk posture and remediation progress to senior leadership.
• Lead initiatives that measurably reduce enterprise-wide risk.

Required Skills & Qualifications

Technical Expertise

• Advanced experience with:
• Tenable (Nessus, Tenable.io, Tenable.sc)
• Wiz for cloud and container exposure management
• Seemplicity or similar remediation orchestration platforms
• Deep understanding of:
• AWS and Azure cloud security fundamentals
• Kubernetes architecture and container hardening
• Windows and Linux server security baselines
• Dependency management in software development
• Strong automation capabilities using Python or PowerShell.

Vulnerability Management Expertise

• Strong understanding of exploitability, risk scoring, compensating controls, and threat intelligence.
• Experience designing enterprise-scale exposure and prioritization frameworks.
• Ability to define and own remediation SLAs and exception workflows.
• Demonstrated impact driving measurable vulnerability reduction across large engineering organizations.

Leadership & Collaboration

• Ability to influence across teams and guide senior engineering partners.
• Comfortable presenting to leadership and driving decisions that impact multiple business units.
• Willingness to mentor junior analysts and raise the maturity of the overall program.

Preferred Qualifications

• Certifications such as CISSP, CISM, GSEC, GMON, GRID, or cloud security specializations.
• Experience with GitHub-based secure development workflows.
• Track record building vulnerability management programs at scale.
• Exposure to attack surface management tools.

Why Join Omnissa

• Help build a modern, cloud-first vulnerability management program.
• Meaningfully influence enterprise-wide security posture.
• Work with global teams and modern tooling.
• Hybrid culture focused on collaboration, quality outcomes, and innovation.

Github Advanced Security would be helpful - not to own the platform but to be able to spot failures and understand when to accept FP, etc