IS Analyst- Vulnerability Management

Gurgaon, India

Milliman

Discover your path at Milliman. Learn about our uniquely independent company culture and find opportunities in the actuarial profession, risk management, software development, marketing, and more.

View all jobs at Milliman

Apply now Apply later

The IS Analyst- Vulnerability Management position is an integral member of the GCS IS team and shall contribute recommendations regarding physical and technical information security best practices. The IS Analyst- Vulnerability Management position consults with local offices and their administrators to assist in the implementation of administrative and technical procedures for their networks and applications. The position reports to the Information Security Manager in India.

Duties/Responsibilities:

  • Key member of the GCS IS Ethical Hacking & Data Protection Team
    • Conduct regular vulnerability assessments using industry-standard tools (e.g., Qualys, Nessus).
    • Analyze scan results, prioritize vulnerabilities based on risk, and coordinate remediation efforts with IT and development teams.
    • Maintain and improve vulnerability management lifecycle, including scanning, reporting, tracking, and verification.
    • Monitor threat intelligence feeds and correlates internal findings to assess potential impact.
    • Develop and maintain dashboards and metrics to report on vulnerability trends and remediation progress.
    • Assist in the development and enforcement of security policies, standards, and procedures.
  • Keep up to date on information security threats and countermeasures and advise technical staff.
  • Participate as a member of the GCS Cyber Security Incident Response Team (CSIRT) as needed to consult on compromise vectors or the cyber kill chain.

Required Skills & Attributes:

  • Experience with vulnerability management tools- Qualys VMDR, Cloud Agents, and Nessus Professional.
  • Exhibit skills in the Vulnerability Management lifecycle, including vulnerability scanning, remediation and validation.
  • Proficiency with vulnerability scanning tools and interpreting CVSS scores.
  • Strong knowledge of operating systems (Windows, Linux), networking, and cloud environments.
  • Understanding of scanning cloud services (Azure, AWS) environment.
  • Strong English verbal and written communication skills—including the ability to effectively document and ability to clearly communicate vulnerability to the network administrators, asset owners, and key stakeholder.
  • Strong ability to work in a team effectively and collaborate across multiple time zones.

Required Qualifications:

  • Bachelor’s degree in Computer Science, Information Security, or a related field.
  • 5+ years of experience in vulnerability management or a related cybersecurity role.
  • Familiarity with regulatory and compliance frameworks (e.g., ISO 27001, NIST, PCI-DSS).

Preferred Skills & Attributes:

  • One (or more) relevant certifications: CISSP, CEH, CompTIA Security+, Qualys VMDR, etc.
  • Ability to interpret information security data and processes to identify potential compliance issues.
  • Decision-making and problem-solving skills including the ability to clearly define and resolve issues.
  • Assertive and proactive in identifying and resolving issues and concerns.
  • Excellent time management skills including the ability to prepare prioritize and complete work plans.
  • Ability to work with geographically diverse offices in a global organization, with a willingness to work offset hours occasionally to accommodate time zones.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  5  0  0
Category: Analyst Jobs

Tags: AWS Azure CEH CISSP Cloud Compliance CompTIA Computer Science CSIRT CVSS Cyber Kill Chain Ethical hacking Incident response ISO 27001 Linux Nessus NIST Qualys Threat intelligence Vulnerabilities Vulnerability management Windows

Region: Asia/Pacific
Country: India

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.