url to apply-

from 10 to 15 year(s) of Experience


Not Disclosed by Recruiter

Posted: 2 days agoJob Applicants: 14Job Views: 14

Job Description


Blue Yonder Title:

  • Infrastructure Vulnerability Manager (Vulnerability/ Information Security/Cyber Security)

Other Comparable titles:

  • Infrastructure Security Manager, Manager – Infrastructure Vulnerability, Sr. Manager – Vulnerability & threat Management.


  • Leading AI-driven Global Supply Chain Solutions Software Product Company and one of Glassdoor’s “Best Places to Work”.
  • Seeking an astute individual that has a strong technical foundation with the additional ability to be hands-on with the broader engineering team as part of the development/deployment cycle, and deep knowledge of industry best practices, with the ability to implement them working with both the platform, and the product teams.


  • Infrastructure Vulnerability Manager who would be responsible for scanning the entire infrastructure of the organization and mitigating the risk.
  • Interact with internal technology functions to ensure they are made aware and stay updated on Secure Architecture and controls.
  • Will be directly responsible for vulnerability management and threat management of Blue Yonder infrastructure and information assets.

Our current technical environment:

  • Software: Java, Springboot, Gradle, GIT, Hibernate, Rest API, OAuth
  • Application Architecture: Scalable, Resilient, event driven, secure multi-tenant Microservices architecture
  • Cloud Architecture: MS Azure (ARM templates, AKS, HD insight, Application gateway, Virtue Networks, Event Hub, Azure AD)
  • Frameworks/Others: Kubernetes, Kafka, Elasticsearch, Spark, NOSQL, RDBMS, Springboot, Gradle GIT, Ignite

What you’ll do:

  • Perform vulnerability scans and report findings for On-prem and Cloud network.
  • Publish the vulnerability status reports to senior management and track remediation.
  • Define and participate in implementation of On-prem and Cloud architecture and security controls.
  • Proactive identification of threats and risk remediation.
  • Plan and implement security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
  • Maintain security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
  • Upgrade security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
  • Participate in and assist with incident response team, as appropriate.
  • Generate metrics for the Management as needed.
  • Prepare system security reports by collecting, analyzing, and summarizing data and trends.

What we are looking for:

  • 10+ years of experience in information security or Vulnerability Management
  • Minimum 6 years of proven experience in Information security or Vulnerability Management or Penetration testing; a Master’s degree can be substituted for experience.
  • Strong expertise in Vulnerability and Threat Management, gathering and condensing threat intelligence into actionable and meaningful communication materials.
  • Bachelor’s degree in information security or Information Technology or Computer Science or related fields
  • Deep and diverse experience architecting and implementing network security designs.
  • Expert in network security, system security and endpoint security.
  • Education and experience in public cloud infrastructure such as Microsoft, Google, AWS, or IBM.
  • Familiarity with security frameworks and regulatory requirements such as NIST, ISO 27001/2, and SSAE-18.
  • Proven experience with products dealing with vulnerability management services which include Nessus, Retina, Qualys, Nexpose, etc.
  • Practical experience with the development, implementation, and management of security related technologies (i.e., SIEM, WAF, AV, Firewalls, Internet-facing services).
  • Excellent customer service including strong written and oral communication skills.
  • Knowledge of security network devices (firewalls, switches, SIEM, Antivirus, cryptography, etc.) and other security networking hardware/software tools.
  • Demonstrated understanding of information security concepts, standards, practices, including but not limited to firewalls, intrusion prevention and detection, TCP/IP and related protocols, device monitoring and log management and event monitoring/reporting.
  • Certifications such as CISM, CEH, CISSP or equivalent.
  • Results focused and attention to detail.


Salary: Not Disclosed by Recruiter

Industry:IT-Software Software Services

Functional Area:IT Software - Application ProgrammingMaintenance

Role Category:Admin/Maintenance/Security/Datawarehousing


Employment Type:Full Time, Permanent

Key Skills

OauthHibernateISO 27001CehInformation SecurityNessusGradleRest ApiCisspMicroservices


UG:B.Tech/B.E. - Computers, B.Sc - Computers, BCA - Computers

PG:Any Postgraduate - Any Specialization