L3 - Vulnerability Management, Risk and Compliance Lead
ITC InfotechMumbai, Maharashtra, IndiaHi, We have 4 open positions for the below role in Mumbai, Secondary location is Pune. Interested candidates can email their updated profiles to manikandan.g@itcinfotech.com alongwith the following details : Current CTC, Expected CTC, Notice period, Preferred location : Mumbai / Pune
L3 – Vulnerability Management, Risk & Compliance Lead
Job Summary :
ITCI Cyber Security team is looking for the role which is accountable for leading the organization’s end-to-end vulnerability lifecycle and aligning risk and compliance efforts with regulatory mandates such as RBI Master Directions and SEBI Cybersecurity Framework. The individual will ensure timely vulnerability detection, validation, remediation governance, and risk-based prioritization. The role also anchors all compliance readiness activities across cybersecurity, translating control gaps into actionable security initiatives while coordinating with internal and external audit functions.
Key Responsibilities :
Lead the overall vulnerability management lifecycle across infra and application assets (VM, risk scoring, remediation tracking).
Own end-to-end delivery of VM scans, validation cycles, and risk-based prioritization using tools like Tenable / Nessus.
Map vulnerabilities to business risk and generate executive-level dashboards with risk exposure summaries.
Define and maintain risk treatment plans per RBI and SEBI frameworks, coordinating with infra and app teams.
Conduct compliance checks, technical control validations, and support readiness for RBI / SEBI / ISO audits.
Perform monthly risk posture reviews, threat trend reporting, and mitigation progress evaluations.
Oversee gap assessments against RBI Master Direction, SEBI circulars, and DPDP data security provisions.
Provide expertise in documenting technical controls, ISMS artifacts, and audit trails for internal and external audits.
Engage with stakeholders to establish security exceptions, compensating controls, and policy deviation approvals.
Build and maintain GRC tools and risk registers with role-based access and automated updates.
Key Skills & Certifications :
10+ years in cyber risk management, vulnerability assessment, and compliance delivery.
Strong experience with Tenable / Nessus, Qualys, and GRC tools.
ISO 27001 Lead Auditor, CRISC, or CISA certified.
In-depth knowledge of RBI Master Direction on IT Framework, SEBI Cybersecurity Guidelines.
Strong skills in risk quantification, reporting, and policy enforcement.
Create a job alert for this search
Risk And Compliance • Mumbai, Maharashtra, India
- Promoted
Lead
BristleconeKalyan-Dombivli, IN- Promoted
▷ 15h Left! L3 – Vulnerability Management, Risk and Compliance Lead
ITC InfotechMumbai, Maharashtra, India- Promoted
VAPT Lead - OSCP Certified (Japan)
Cubical Operations LLPKalyan-Dombivli, IN- Promoted
- New!
Vice President Enterprise Security (Vulnerability Management)
M&GMumbai, Maharashtra, India- Promoted
MLops Engineer
RecroKalyan-Dombivli, IN- Promoted
Lead - Operational Risk Governance
L&T FinanceMumbai, Maharashtra, India- Promoted
Global P&L Lead
ElchemyMumbai, Maharashtra, India- Promoted
Vulnerability Management - L2
ITC InfotechMumbai, Maharashtra, India- Promoted
Senior Security & Compliance Manager
ConfidentialKalyan-Dombivli, IN- Promoted
OMS Lead
360 ONE WealthMumbai, Maharashtra, India- Promoted
L3 – Vulnerability Management, Risk and Compliance Lead
ITC InfotechMumbai, Maharashtra, India- Promoted
Lead Regional Compliance Specialist
Securitas GroupKalyan-Dombivli, IN- Promoted
Compliance Engineer - Sustainability Compliance (Remote)
CertivoThane, IN- Promoted
- New!
▷ Urgent Search : Vulnerability Management - L2
ITC InfotechMumbai, Maharashtra, India- Promoted
- New!
Site Reliability Engineer
CapgeminiThane, IN- Promoted
Business Risk Manager (Savings)
RevolutKalyan-Dombivli, IN- Promoted
Senior MLOps Engineer
Mitchell Martin Inc.Thane, IN- Promoted
