As a Principal Engineer in Vulnerability & Patch Management at Optiv, you will play a critical role in implementing, optimizing, and operationalizing enterprise-wide vulnerability & patch management programs across internal and client environments. You will lead initiatives to enhance threat detection, risk prioritization, and remediation strategies, while collaborating with cross-functional teams to deliver high-impact security services. This role requires deep technical expertise, strategic thinking, and a passion for improving security posture through automation, analytics, and continuous improvement.
How You'll Make an Impact
- Serve as a subject matter expert in vulnerability management, leading the design and execution of scanning, analysis, and remediation workflows across hybrid environments.
- Collaborate with senior engineers, architects, and client stakeholders to deliver tailored vulnerability management solutions aligned with business and compliance requirements.
- Drive risk-based vulnerability prioritization, leveraging threat intelligence, asset criticality, and exploitability data.
- Lead enterprise-wide scanning initiatives, including authenticated scans across Windows, Linux, network devices, containers, and cloud platforms (AWS, Azure, GCP).
- Administer and optimize tools such as Qualys, Tenable, Rapid7, Prisma Cloud, Wiz and Tanium to support continuous monitoring and patch management.
- Utilize Tanium or other patch management tools to deploy patches, automate updates, and enforce configuration baselines across diverse endpoints.
- Develop and maintain dashboards and reporting using tools like Power BI to track KPIs, remediation progress, and risk trends.
- Define and implement vulnerability management KPIs, SLAs, and strategic goals in collaboration with leadership and clients.
- Produce detailed documentation of assessments, threat analysis, and remediation plans.
- Validate and track remediation efforts, ensuring closure of vulnerabilities and alignment with security policies.
- Provide expert guidance on threat modeling, external attack surface management, and exposure analysis.
- Act as a primary escalation point for zero-day vulnerabilities and patch-related incidents, coordinating with IT and engineering teams to resolve issues efficiently.
What We're Looking For
- 8+ years of experience in vulnerability management, including hands-on administration of platforms like Qualys, Tenable, Rapid7, Prisma Cloud, Contrast, and Tanium.
- Strong understanding of the vulnerability management lifecycle, including discovery, validation, prioritization, and remediation.
- Experience with cloud-native scanning and container security in AWS, Azure, and GCP environments.
- Proficiency in log analysis, TCP/IP networking, and endpoint telemetry to support threat investigations.
- Demonstrated ability to automate workflows and integrate vulnerability data into enterprise data lakes and CMDBs.
- Experience with external asset discovery, continuous monitoring, and attack surface management (ASM) tools.
- Strong analytical and problem-solving skills, with the ability to translate technical findings into business risk.
- Excellent communication skills and the ability to collaborate across technical and non-technical teams.
- Experience building and maintaining dashboards and metrics in Power BI or similar tools.
- Familiarity with security frameworks such as NIST, CIS, and MITRE ATT&CK is a plus.
- This role demands availability during US working hours, specifically from 5:00 PM to 2:00 AM IST.
- This role is a Work from Office position.
Preferred Certifications
- CISSP, CISM, CISA, or equivalent
- Vendor-specific certifications (e.g., Qualys, Tanium, Tenable, Wiz, CSPM, etc.)
What you can expect from Optiv
- A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
- Work/life balance
- Professional training resources
- Creative problem-solving and the ability to tackle unique, complex projects
- Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
- The ability and technology necessary to productively work remotely/from home (where applicable)