InfoSec L2 VM (Infra) Sr Analyst

POSITION SUMMARY
Zoetis, Inc. is the world's largest producer of medicine and vaccinations for pets and livestock. The Zoetis Tech & Digital (ZTD) Global Technology Risk Management Organization is a key building block of ZTD.

Join us at Zoetis India Capability Center (ZICC) in Hyderabad, where innovation meets excellence. As part of the world's leading animal healthcare company, ZICC is at the forefront of driving transformative advancements and applying technology to solve the most complex problems. Our mission is to ensure sustainable growth and maintain a competitive edge for Zoetis globally by leveraging the exceptional talent in India.

At ZICC, you'll be part of a dynamic team that partners with colleagues worldwide, embodying the true spirit of One Zoetis. Together, we ensure seamless integration and collaboration, fostering an environment where your contributions can make a real impact. Be a part of our journey to pioneer innovation and drive the future of animal healthcare.

The Information Security Strategy & Risk Management team at Zoetis ensures a secure strategy through a disciplined process of making colleagues security savvy, driving down residual risk, reducing the attack surface, all while enabling the business. This team is responsible for critical services that strengthen Zoetis' security posture, including protecting sensitive data, identifying and mitigating cyber threats, and seamlessly integrating secure assets during organizational changes. Key functions within the team include Security Operations, Vulnerability Management, Threat Intelligence, Security Awareness, Mergers & Acquisitions Security, and Operational Technology (OT) Security. Through these services, the team empowers the organization to operate securely and efficiently in a dynamic digital environment.

This position supports the execution of infrastructure vulnerability management processes across servers, networks, cloud platforms, and endpoints. The role focuses on performing vulnerability assessments, analyzing results, coordinating remediation activities, and maintaining accurate reporting. As part of the Vulnerability Management (VM) team, the Sr. Analyst plays a critical role in enhancing the organization’s security posture by identifying and addressing vulnerabilities within Zoetis' global infrastructure. This position collaborates closely with cross-functional teams to ensure timely and effective remediation of risks while adhering to corporate security standards and regulatory requirements. The Sr. Analyst will also assist in process improvements, tool optimization, and maintaining an up-to-date understanding of the evolving threat landscape.

POSITION RESPONSIBILITIES 
    Percent of Time
•    Execute vulnerability scanning and assessment activities for infrastructure components, including servers, networks, cloud platforms, and endpoints, using enterprise-grade tools.
•    Analyze vulnerability scan results, assess risk levels, and provide detailed reports to technical teams and management.
•    Assist in the coordination and tracking of remediation efforts by collaborating with IT Operations, Cloud Engineering, and Network Administration teams.
•    Ensure accurate and timely updates to vulnerability management systems and dashboards, providing transparency into the effectiveness of remediation activities.
•    Leverage threat intelligence to contextualize vulnerabilities and prioritize remediation based on potential impact to the organization.
•    Support process improvements and automation initiatives to enhance the efficiency and scalability of vulnerability management activities.
•    Perform technical and security reviews of infrastructure environments to identify potential weaknesses and recommend mitigation strategies.
•    Stay informed on emerging threats and vulnerabilities, providing recommendations to improve the organization’s defenses.
•    Collaborate with the Vulnerability Management Service Lead, ZICC VM Infrastructure Security Manager, and other internal stakeholders to align on best practices and support key initiatives.
•    Help ensure compliance with regulatory requirements and corporate policies related to infrastructure security.    100%

ORGANIZATIONAL RELATIONSHIPS

•    This role will work closely with the Vulnerability Management Service Lead, the ZICC VM Infrastructure Security Manager, and the onshore vulnerability management team to support the execution of infrastructure security initiatives.
•    Collaborate with Infrastructure Operations, Cloud Engineering, and Network Administration teams to address vulnerabilities and deliver remediation guidance.
•    Engage with infrastructure owners within the Zoetis Tech & Digital (ZTD) organization to support vulnerability management activities and address security risks.

EDUCATION AND EXPERIENCE 
Education:
•    University Degree in Computer Science or Information Systems is required 
•    MS or advanced identity courses or other applicable certifications is desirable, including
o    Certified Information Systems Security Professional (CISSP) 
•    Relevant certifications in infrastructure security and vulnerability management, such as Offensive Security Certified Professional (OSCP), GIAC Certified Vulnerability Assessor (GCVA), or Certified Ethical Hacker (CEH), are highly preferred

Experience:
•    A minimum of 6+ years of relevant  experience with a strong background in vulnerability management and security engineering. 
•    2+ years of experience in the pharmaceutical or other regulated industry, especially Animal Health.
•    Experience working with global teams across multiple time zones.
•    Demonstrated ability to work within diverse technical teams.

TECHNICAL SKILLS REQUIREMENTS•    Proficiency with vulnerability scanning and management tools (e.g., Tenable, CrowdStrike, BitSight, Shodan, Nucleus).
•    Strong understanding of vulnerability management frameworks and prioritization methodologies (e.g., CVSS).
•    Basic scripting or automation skills (e.g., Python, PowerShell, or Bash) to support process automation.
•    Familiarity with cloud platforms like AWS and Azure, including their security features and best practices.
•    Strong knowledge of infrastructure security principles, system hardening, and vulnerability remediation processes.
•    Experience in analyzing vulnerability data, correlating with threat intelligence, and providing actionable insights.
•    Knowledge of network security concepts, including firewalls, intrusion detection/prevention systems, and secure network architecture.
•    Familiarity with security compliance frameworks and standards such as NIST, ISO 27001, or CIS.
•    Excellent analytical skills for identifying trends, root causes, and systemic weaknesses in vulnerability data.
•    Strong verbal and written communication skills for creating clear reports and collaborating with technical and non-technical stakeholders.

PHYSICAL POSITION REQUIREMENTS 
Availability to work between 1pm IST to 10pm IST hours (minimum 3 hours of daily overlap with US ET Time zone)