Configuration Assurance Specialist – Exposure Management

Job Title: Configuration Assurance Specialist - Exposure Management

Location: Bangalore

Department: Group Security - Information Security

Role Overview:

The Configuration Assurance Specialist is responsible for monitoring, analyzing, and improving the organization's security posture across cloud, endpoint, application, and network environments. Operating within the Posture Management team in the Exposure Management group, this role ensures continuous identification, assessment, and coordination of remediation of misconfigurations, vulnerabilities, and policy deviations.

The analyst works closely with cloud security, vulnerability management, and threat intelligence teams to reduce the organization's attack surface and enforce secure-by-default standards.

Key Responsibilities:

• Monitor cloud, endpoint, and infrastructure environments using posture management platforms (e.g., CSPM,CWPP,CNAP, vulnerability scanners).

• Identify, analyze, and report on misconfigurations, policy violations, and exposure risks.

• Collaborate withITand operations teams to drive remediation of posture gaps.

• Monitorbaseline configuration standards.

• Support continuous assurance efforts by validating remediation effectiveness and measuring posture improvements.

• Track and report posture-related metrics, such as exposure reduction trends, SLA adherence, and remediation progress.

• Assist in prioritizing posture issues based on business impact, threat intelligence, and risk context.

• Contribute to playbooks, processes, and automation to improve posture management efficiency.

• Partner with the Exposure Management group to correlate posture gaps with threat activity and vulnerability data.

Technical & Professional Requirements:

• A completed bachelor's or master's degree in computer science, along with strong academic credentials, is required.

• Minimum 2 to 6 years of experience in areas such as Security Architecture, Network Security, Cybersecurity Technology, Information Security or equivalent with Bachelor's.

• Working knowledge of artificial intelligence concepts and practical experience applying AI or machine learning techniques within cybersecurity functions, such as threat analysis, automation, or analytics.

• Experience with cloud and infrastructure security (AWS, Azure, GCP).

• Familiarity with posture management tools (e.g.,Defender for Cloud, Qualys, Tenable).

• Strong understanding of security configuration baselines and hardening standards.

• Knowledge of vulnerability management principles and exposure reduction strategies.

• Ability to analyze complex environments and identify practical remediation steps.

• Familiarity with container security and Kubernetes posture management.

• Knowledge of automation and scripting (Python, PowerShell) for reporting and remediation.

• Exposure to security metrics and reporting dashboards (Power BI, Splunk, ServiceNow).

• Strong collaboration skills to influence cross-functional teams and drive remediation.

How we work together
We believe that we are better together than apart. For our office-based teams, this means working in-person at least 3 days per week.
Onsite roles require full-time presence in the company's facilities.
Field roles are most effectively done outside of the company's main facilities, generally at the customers or suppliers locations.
Indicate if this role is an office/field/onsite role.

About Philips
We are a health technology company. We built our entire company around the belief that every human matters, and we won't stop until everybody everywhere has access to the quality healthcare that we all deserve. Do the work of your life to help the lives of others.
. Learn more about .
. Discover .
. Learn more about .
If you're interested in this role and have many, but not all, of the experiences needed, we encourage you to apply. You may still be the right candidate for this or other opportunities at Philips. Learn more about our culture of impact with care .

#LI-PHILIN