M

Cyber Manager - Threat Exposure Management (Infrastructure)

Maersk · India, Bengaluru, 560064

~₹30L (est.)8–15 yrs experiencePosted 3w ago
Apply now →

Job description

Job Role- Cyber ManagerThe Cyber Manager for Threat Exposure Management is responsible for leading [as a people manager] the enterprise-wide operations, and continual evolution of the organisation’s threat exposure management lifecycle and reduction programmes within a given scope, and reports to the Senior Cyber Manager – Threat Exposure Management. This role ensures that exposures across infrastructure, applications, identities, cloud, OT/IoT, AI, and third-party ecosystems are proactively identified, prioritised, validated, and remediated in alignment with business risk and operational resilience requirements. The successful candidate must demonstrate a strong track record in leading [also as a people manager] high-performing technical teams and fostering a culture of technical excellence. They will bring market-proven know-how to establish industry-driven threat exposure management practices, whilst effectively influencing stakeholders across the organisation. The candidate must also bring advanced technical expertise in threat exposure, vulnerability management and defensive and offensive security, with the ability to lead deep technical discussions and conduct complex analysis across some of the following technologies: IT, OT, Cloud, Applications, Data, Identities, Code and AI-driven environments.Key Responsibilities: • Lead the technical direction and operational governance of Threat Exposure and Vulnerability Management across heterogeneous environments, including enterprise IT, OT/ICS systems (PLC, SCADA, DCS), multi-cloud architectures (such as Azure, AWS, GCP), container platforms, Kubernetes clusters, application stacks, CI/CD pipelines, Data, Identity, source-code repositories and AI/ML ecosystems. • Oversee the full threat exposure lifecycle: continuous asset discovery, authenticated scanning, passive/active enumeration, exploitability analysis, threat correlation, prioritisation logic, risk acceptance workflows and exception governance. • Ensure end-to-end integration with asset intelligence platforms, CMDB, CSPM, vulnerability scanners, code-security toolchains (SAST, SCA, DAST, IaC, secret scanning), and ASM/EASM technologies, establishing high-fidelity visibility across all attack-surface domains. • Collaborate with Threat Intelligence to operationalise threat-led prioritisation, mapping exploit campaigns, adversary TTPs and industry-specific threat trends to internal exposure data. Align Vulnerability Management (VM) and Continuous Threat Exposure Management (CTEM) with predictive models and real-time intel feeds. • Direct technical coordination with Red Team and Incident Response to validate exploit paths, confirm actual attack feasibility, and translate validation findings into actionable remediation and control enhancements, partnering with Protect capability and Issues Engineers. • Govern cloud exposure management across CSPs, ensuring deep visibility into misconfigurations, identity privileges, network paths, storage exposures, API endpoints and container orchestration layers. • Extend VM and CTEM coverage into OT/ICS environments with risk-aware, non-disruptive methods. Coordinate with OT Security teams to identify vulnerabilities, weak configurations, outdated firmware, and unmanaged assets. • Manage Vulnerability and Threat Exposure Management across Identity services, including account hygiene, privileged-access pathways, directory health, DNS/DHCP configurations, PKI integrity, authentication flows, domain controller posture, and any identity-linked misconfigurations that create exploitable attack paths. • Oversee AI/ML exposure across data ingestion pipelines, model training and deployment layers, ensuring identification of risks such as model inversion, data poisoning, prompt injection, insecure model APIs and ungoverned LLM integrations. Operational Excellence & Quality Obsession · Maintain functional metrics and KPIs, delivering performance at or above agreed targets to support operational excellence. • Develop and uphold operational dashboards, SOPs, workflows, playbooks and service definitions, ensuring high-quality, consistent, standards-driven service delivery. • Lead remediation governance, risk-acceptance workflows, escalation pathways and exception management processes. • Enable effective cross-team coordination across Cyber Functions such as Identity, Respond, Detect, Protect, Strategy, Delivery, Platform Engineering, Threat Intelligence, Architecture, Risk, Issues Engineers and Portfolio Cyber Leads. Reporting, Analytics & Metrics • Deliver comprehensive operational dashboards and KPIs covering key areas of the attack surface such as scanning coverage, vulnerability spread, backlog trends, survival and churn rates, threat posture, exposure windows, exploitability indicators, and Critically Exposed Assets (CEA) pipeline performance. • Ensure reporting is accurate, timely and aligned to leadership expectations, enabling data-driven decision-making and clear visibility of exposure and progress. • Maintain structured analytics frameworks to measure remediation effectiveness, prioritisation accuracy and overall functional performance across all attack-surface domains. • Partner with Operational Insights to provide insights and trend analysis that support continuous improvement, strategic planning and operational excellence across Cyber Operations. Relevant Services • Threat Exposure Management (TEM) • Vulnerability Management (VM) • Attack Surface Management (ASM) • External Attack Surface Management (EASM) • Enterprise Surface Discovery (ESD) Professional Background 8