At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 72,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve. At CGI, we’re a team of builders. We call our employees members because all who join CGI are building their own company - one that has grown to 72,000 professionals located in 40 countries. Founded in 1976, CGI is a leading IT and business process services firm committed to helping clients succeed. We have the global resources, expertise, stability and dedicated professionals needed to achieve results for our clients - and for our members. Come grow with us. Learn more at www.cgi.com.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans. We wish to thank all applicants for their interest and effort in applying for this position, however, only candidates selected for interviews will be contacted. No unsolicited agency referrals please.
Vulnerability Assessment & Threat Management – L3
Employment Type: Full Time
Location : Bangalore/Chennai/Hyderabad/Pune
Role Overview:
The VA & Threat Management L3 Specialist is responsible for leading enterprise vulnerability assessment, threat detection, and remediation programs. This role ensures proactive identification of risks, drives mitigation strategies, and provides advanced expertise in protecting IT infrastructure, applications, and data against evolving cyber threats.
Key Responsibilities
- Vulnerability Assessment & Management
- Lead enterprise vulnerability scanning and assessment programs across infrastructure, applications, and cloud environments.
- Prioritize vulnerabilities based on risk, exploitability, and business impact.
- Coordinate remediation activities with infrastructure, application, and DevOps teams.
- Threat Intelligence & Monitoring
- Integrate global threat intelligence feeds into security operations.
- Analyze emerging threats, attack vectors, and vulnerabilities to recommend proactive defenses.
- Collaborate with SOC teams to enhance detection and response capabilities.
- Incident Response & Risk Mitigation
- Act as escalation point for critical vulnerabilities and threat incidents.
- Support forensic investigations and root cause analysis of security breaches.
- Develop playbooks for vulnerability remediation and threat containment.
- Governance & Compliance
- Define and enforce vulnerability management policies, standards, and procedures.
- Ensure compliance with regulatory frameworks (ISO 27001, NIST, PCI‑DSS, GDPR, HIPAA).
- Provide audit support and maintain risk registers.
- Tools & Technology
- Administer and optimize VA and threat management tools (Qualys, Tenable, Rapid7, CrowdStrike, Palo Alto, Splunk).
- Integrate vulnerability data with SIEM, CMDB, and ITSM platforms for holistic visibility.
- Develop dashboards and reports for leadership and compliance teams.
- Stakeholder Engagement
- Act as SME for vulnerability and threat queries across IT and business units.
- Provide training and awareness sessions to improve security posture.
- Collaborate with vendors, regulators, and auditors during escalations and reviews.
7–10 years of IT/security experience with at least 3–5 years in vulnerability and threat management.
- Strong knowledge of vulnerability assessment methodologies, penetration testing, and threat intelligence.
- Hands‑on expertise with VA tools (Qualys, Tenable, Rapid7) and SIEM platforms (Splunk, QRadar, Sentinel).
- Familiarity with ITIL processes and integration with ITSM tools.
- Excellent analytical, communication, and stakeholder management skills.
Preferred Qualifications
- CISSP, CEH, OSCP, or equivalent advanced security certifications.
- ITIL v4 certification.
- Experience with cloud security (Azure, AWS, GCP).
- Exposure to large‑scale enterprise vulnerability management programs and audits.
#LI-SA19
Together, as owners, let’s turn meaningful insights into action.
Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…
You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.
Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.
You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.
Come join our team—one of the largest IT and business consulting services firms in the world.