InfoSec L2 VM (Infra & App) Security Manager

POSITION SUMMARY
Zoetis, Inc. is the world's largest producer of medicine and vaccinations for pets and livestock. The Zoetis Tech & Digital (ZTD) Global Technology Risk Management Organization is a key building block of ZTD.

Join us at Zoetis India Capability Center (ZICC) in Hyderabad, where innovation meets excellence. As part of the world's leading animal healthcare company, ZICC is at the forefront of driving transformative advancements and applying technology to solve the most complex problems. Our mission is to ensure sustainable growth and maintain a competitive edge for Zoetis globally by leveraging the exceptional talent in India.

At ZICC, you'll be part of a dynamic team that partners with colleagues worldwide, embodying the true spirit of One Zoetis. Together, we ensure seamless integration and collaboration, fostering an environment where your contributions can make a real impact. Be a part of our journey to pioneer innovation and drive the future of animal healthcare.

The Information Security Strategy & Risk Management team at Zoetis ensures a secure strategy through a disciplined process of making colleagues security savvy, driving down residual risk, reducing the attack surface, all while enabling the business. This team is responsible for critical services that strengthen Zoetis' security posture, including protecting sensitive data, identifying and mitigating cyber threats, and seamlessly integrating secure assets during organizational changes. Key functions within the team include Security Operations, Vulnerability Management, Threat Intelligence, Security Awareness, Mergers & Acquisitions Security, and Operational Technology (OT) Security. Through these services, the team empowers the organization to operate securely and efficiently in a dynamic digital environment.

This position is responsible for overseeing both infrastructure and application security testing within the Vulnerability Management team. The role will focus primarily on delivering day-to-day infrastructure vulnerability assessments across servers, networks, cloud environments, and endpoints, while also providing oversight for all application security assessments. Key responsibilities include vulnerability identification, prioritization, remediation guidance, and detailed reporting to ensure both infrastructure and application environments are secure. As a critical leader in improving the organization’s overall security posture, this role offers significant influence, independence, and access to the resources necessary to drive impactful security enhancements. The Security Manager will collaborate with cross-functional teams to implement effective vulnerability management practices, safeguard critical assets, and ensure robust security across both infrastructure and application layers.

POSITION RESPONSIBILITIES
Percent of Time
• Lead the strategy and execution of infrastructure vulnerability management services, ensuring alignment with organizational goals and compliance with corporate security standards.
• Manage and prioritize vulnerability management efforts across the application and infrastructure landscape, including servers, networks, cloud platforms, and endpoints, to ensure effective resource allocation and timely mitigation of risks.
• Conduct in-depth security and architecture reviews for complex infrastructure environments to identify vulnerabilities and evaluate the effectiveness of existing controls.
• Plan, execute, and manage vulnerability assessments for application and infrastructure components, leveraging industry-standard tools to identify and address security risks.
• Collaborate with cross-functional teams, including infrastructure operations, cloud engineers, and network administrators, to drive the timely remediation of vulnerabilities and provide expert guidance on risk reduction strategies.
• Analyze vulnerability scan results and threat intelligence to uncover trends, root causes, and systemic weaknesses, implementing automation and process improvements to enhance efficiency and effectiveness.
• Develop and maintain actionable metrics, dashboards, and detailed reporting to provide transparency into vulnerability management activities and support informed decision-making for leadership and business units.
• Partner closely with the Vulnerability Management Lead, Security Operations, and other internal stakeholders to optimize processes, fine-tune tools, and share critical security insights.
• Stay informed of emerging threats, vulnerabilities, and industry best practices, incorporating them into the organization’s infrastructure security strategy to strengthen the overall risk management framework.
• Ensure compliance with regulatory and corporate policies by driving vulnerability remediation efforts and enforcing security standards across the infrastructure. 100%

ORGANIZATIONAL RELATIONSHIPS

• This role will work closely with the Vulnerability Management Service Lead and the onshore vulnerability management team to ensure seamless execution of infrastructure security initiatives. It will collaborate with the Application, Infrastructure Operations, Cloud Engineering, and Network Administration teams to align on security strategies and best practices. The Security Manager will also engage with infrastructure owners and stakeholders within the Zoetis Tech & Digital (ZTD) organization to address vulnerabilities, provide expert guidance, and support risk mitigation efforts.


RESOURCES MANAGED  

Supervision
Approximately 3-5 ZICC colleague members of the ZICC InfoSec team.


EDUCATION AND EXPERIENCE
Education:
• University Degree in Computer Science or Information Systems is required
• MS or advanced identity courses or other applicable certifications is desirable, including
o Certified Information Systems Security Professional (CISSP)
• Relevant certifications in infrastructure security and vulnerability management, such as Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), or Certified Ethical Hacker (CEH), are highly preferred

Experience:
• A minimum of 10+ years of relevant  experience with a strong background in vulnerability management and security engineering.
• 2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health.
• Experience working with global teams across multiple time zones.
• Demonstrated ability to work within diverse technical teams.


TECHNICAL SKILLS REQUIREMENTS• Advanced proficiency with infrastructure vulnerability scanning and assessment tools, such as Tenable Vulnerability Management. Familiarity with CrowdStrike, Nucleus, BitSight, and Shodan preferred.
• Familiarity with application security assessment tools, such as dynamic application security testing (DAST) and static application security testing (SAST) platforms.
• Expertise in vulnerability management, risk assessment, and remediation strategies across servers, networks, cloud environments, and endpoints.
• Strong understanding of infrastructure security principles, system hardening practices, and vulnerability prioritization frameworks, such as CVSS and NIST.
• Experience with cloud platforms (e.g., AWS, Azure, GCP).
• Proficiency in scripting and automation (e.g., Python, PowerShell, or Bash) to streamline vulnerability management processes.
• Knowledge of network security concepts, including firewalls, intrusion detection/prevention systems, and secure network architecture.
• Demonstrated ability to analyze vulnerability scan results, correlate with threat intelligence, and develop actionable remediation plans.
• Capability to influence and collaborate with cross-functional teams to prioritize and implement security measures.
• Personal or professional experience in staying up to date with emerging threats, vulnerabilities, and security best practices.
• Pharmaceutical or other regulated industry experience is desirable.
• Excellent verbal and written communication skills, with the ability to clearly present findings and recommendations to technical and non-technical audiences.
• Must be fluent in both written and spoken English, with the ability to communicate effectively across technical and non-technical audiences.


PHYSICAL POSITION REQUIREMENTS

Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone)