Principal Specialist - Cyber Vulnerability Assessment

Date Posted:

2025-12-02

Country:

India

Location:

1st Flr, Wing B, North Gate Phase-II, Modern Asset, Sy.No.2/2, Venkatala Village, Yelahanka Hobli, Bangalore – 560064, Karnataka

Position Role Type:

Unspecified

Role Overview

We are seeking a highly motivated, independent, and proactive vulnerability management analyst to join our cybersecurity team. This critical role is responsible for identifying, prioritizing, and driving the remediation of security vulnerabilities across the enterprise. The ideal candidate is a skilled critical thinker with a proven ability to manage a complex workload without direct supervision. You will be responsible for the full lifecycle of vulnerability findings from analysis and documentation to facilitating follow-up meetings and ensuring closure.

The candidature is expected to follow a hybrid work model, balancing remote and on-site presence based on business needs, key meetings, critical milestones, team collaboration needs, audits or incident response requirements.

What Will You Do

• Prioritize & Analyze: Analyze vulnerability data from various sources and contextualize it with asset criticality and threat intelligence to prioritize the most critical risks.
• Drive Remediation: Identify and lead remediation activities, facilitating remediation strategies with system owners, DT operations, and application teams, and clearly communicating required actions and timelines.
• Influence & Collaborate: Influence across RTX and Collins DT operations to ensure remediation activities are prioritized, tested, and deployed.
• Document & Track: Meticulously document all vulnerability findings, track remediation progress in a central system (e.g., GRC or ticketing tool), and manage the full lifecycle to closure.
• Report & Measure: Develop and present clear, actionable reports and metrics on the state of vulnerability management, risk exposure, and remediation progress to the leadership.
• Strategic Planning: Work independently to identify opportunities to reduce risk and proactively drive new initiatives or workstreams.
  
  

Qualifications You Must Have

• Bachelor’s degree in Computer Science, IT, Information Security, Engineering, or related field with 7+ years of experience in cybersecurity or Master’s degree in Computer Science, Information Security, IT, Engineering, or related field with 5+ years of experience in cybersecurity.
• At least 5+ years of direct, hands-on experience in vulnerability management, remediation, and patch management.
• Strong understanding of vulnerability scoring systems (CVSS, EPSS) and risk assessment methodologies.
• Strong working knowledge of security frameworks: ISO 27001, NIST (CSF, SP800-171, SP800-37, SP800-115 & SP800-53) etc.
• Experience in a large, complex enterprise environment with a strong understanding of IT infrastructure (networks, operating systems, cloud, applications).
  
  

Qualifications We Prefer

• Experience in regulated industries (e.g., aerospace, defence, manufacturing, or critical infrastructure).
• Experience working with/for regulators/authorities or customers (e.g., Aerospace & Defense OEMs).
• Experience using ticketing or GRC systems (Eg: ServiceNow, JIRA, Archer) to manage and track vulnerability lifecycles.
• Certifications such as – CISSP, CRISC, GCIH, CEH etc
  
  

Soft skills :

• Strong critical thinking and analytical abilities.
• Excellent communication skills with the ability to simplify technical risks for non-technical audiences.
• Proactive, self-driven, and accountable for results.
• Strong collaborator who thrives in team environments.
• Structured, organized, and detail-oriented with strong follow-through
• Curious and passionate.
• Ability to report back to management.
• Sense of general interest, committed.
  
  

Diversity drives innovation, inclusion drives success. We believe a multitude of approaches and ideas enable us to deliver the best results for our workforce, workplace, and customers. We are committed to fostering a culture where all employees can share their passions and ideas so we can tackle the toughest challenges in our industry and pave new paths to limitless possibilities.

RTX adheres to the principles of equal employment. All qualified applications will be given careful consideration without regard to ethnicity, color, religion, gender, sexual orientation or identity, national origin, age, disability, protected veteran status or any other characteristic protected by law.

Privacy Policy and Terms:

Click on this link to read the Policy and Terms

---