All jobs

Cyber Security Manager, Service Delivery and Vulnerability Management

Dyson11h ago
India - Bangalore IT Capability CentreOnsiteFull-timeMid Level7+ yrs exp

Top focus

Delivery ManagerSecurity EngineerSecurity ArchitectManagement Consultant

Role Purpose As the Manager – Cyber Security – Service Delivery – Vulnerability Management, you are accountable for leading the end-to-end vulnerability management service across the enterprise. This role ensures the effective identification, prioritisation, remediation, and governance of vulnerabilities across our global operations and technology estate.

Operating as a strategic Individual Contributor with enterprise manager responsibilities, you will drive a risk-based approach to vulnerability management. By seamlessly integrating asset intelligence, threat intelligence, and business context, you will proactively reduce exposure, steer remediation efforts across global teams, and strengthen Dyson’s overall security posture.

In this role, you will lead and manage the following domains: Vulnerability Management Strategy & Governance: Defining enterprise-wide policies, frameworks, and playbooks aligned with Dyson’s need and industry best practices. Asset Discovery & Inventory Assurance: Ensuring exhaustive mapping and continuous discovery of Global IT, Cloud and OT assets.

Scanning Operations & Coverage: Managing complete deployment and execution of up-to-date vulnerability identification methodology and tools. Vulnerability Identification & validation: Implementing validation workflows to filter out noise and verify true positives, ensuring engineering teams receive actionable, high-fidelity alerts.

Risk-based Prioritisation: Incorporating active threat intelligence and asset criticality considerations into basic CVSS scores. Vulnerability remediation & risk reduction: Influencing, guiding and managing remediation workflows across engineering and platform teams.

Exception & risk management: Governing the formal risk management & acceptance lifecycle and validating compensating security controls. Metrics, reporting & insight: Develop data-driven dashboards tailored for KPI reporting for both technical teams and management.

Tooling & service optimisation: Continuous tuning scanner configurations, eliminating redundant tools, and deploying automation to ensure efficiency. Cross-functional engagement: Building collaborative bridges between Cyber Security, Group IT, DevOps, Infrastructure team and Business Stakeholders to embeds security considerations.

Key Skills & Qualifications Bachelor's degree in cyber security, Information Technology, Computer Science, or a related discipline (or equivalent practical experience). A minimum of 7–10 years’ experience in cybersecurity, with a strong focus on vulnerability management, security operations, or risk management within enterprise environments.

Demonstrated experience operating and improving vulnerability management programmes at scale, including ownership of tooling, governance, and remediation outcomes. Relevant industry certifications (e.g. CISSP, CISM, CRISC, GIAC) are highly desirable, along with proven experience engaging senior stakeholders, managing cross‑functional delivery, and aligning security outcomes to business risk and priorities.

Vulnerability Management & Security Expertise Strong understanding of the end‑to‑end vulnerability management lifecycle, including discovery, assessment, prioritisation, remediation, and validation. Strong grasp of remediation assurance activities of common vulnerabilities (e.g.

CVEs, OWASP, configuration weaknesses) and how they manifest across infrastructure, cloud, endpoint, and application environments, with the ability to apply risk‑based thinking to reduce exposure. Tooling & Technical Proficiency Hands‑on experience with vulnerability management platforms such as Qualys, Tenable, or Rapid7, including asset discovery, agent‑based and network scanning, and scan optimisation.

Ability to interpret scan outputs, manage false positives, tune scan policies, and integrate with CMDB and ITSM platforms (e.g. ServiceNow) to ensure accurate and actionable results. Risk Management & Prioritisation Ability to assess, quantify, and articulate cyber risk in business terms, leveraging frameworks such as NIST or ISO.

Skilled in risk‑based prioritisation that combines asset criticality, exploitability, and threat intelligence to ensure remediation efforts are focused on the highest‑impact vulnerabilities. Governance, Process & Control Design Experience designing and embedding scalable vulnerability management policies, standards, and procedures aligned to audit and compliance expectations.

Strong understanding of control frameworks, with the ability to manage exceptions, risk acceptance, and compensating controls in a structured and defensible manner. Service Delivery & Operational Management Proven capability in running a large‑scale security service, including managing SLAs, KPIs, backlog, and remediation workflows.

Able to drive consistent service performance, ensure high scan coverage and quality, and enforce accountability across distributed engineering and infrastructure teams. Data Analysis, Reporting & Insight Strong analytical skills to interpret vulnerability data, identify trends, and generate actionable insights.

Ability to develop clear reporting and dashboards for both technical and executive audiences, using metrics such as MTTR, SLA adherence, and exposure windows to drive continuous improvement. Stakeholder Management & Influence Highly effective communicator with the ability to engage, influence, and challenge both technical and non‑technical stakeholders.

Skilled in translating technical findings into business impact, driving remediation accountability, and building strong relationships across infrastructure, product, and risk domains. Threat Intelligence Integration Understanding of how to integrate cyber threat intelligence into vulnerability management processes, including awareness of actively exploited vulnerabilities and attacker tactics.

Ability to collaborate with CTI teams to ensure prioritisation reflects real‑world threat activity and emerging risks. Leadership & People Management Experience leading and developing teams, setting priorities, and managing competing demands.

Strong decision‑making capability, with a focus on building team capability, improving performance, and fostering a culture of accountability and continuous improvement. Continuous Improvement & Automation A continuous improvement mindset with a focus on optimising processes, increasing automation, and reducing manual effort.

Experience identifying opportunities to enhance workflows, tooling integration, and efficiency through scripting, APIs, or process redesign. Dyson is an equal opportunity employer. We know that great minds don’t think alike, and it takes all kinds of minds to make our technology so unique.

We welcome applications from all backgrounds and employment decisions are made without regard to race, colour, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other any other dimension of diversity.

Required skills

Cyber SecurityVulnerability ManagementRisk ManagementAsset DiscoveryData AnalysisGovernanceComplianceThreat IntelligenceService DeliveryOperational ManagementAnalytical SkillsStakeholder ManagementCISSPCISMCRISC
Posted on JobRush — the end-to-end AI job-search platform.