At Zimmer Biomet, we believe in pushing the boundaries of innovation and driving our mission forward. As a global medical technology leader for nearly 100 years, a patient's mobility is enhanced by a Zimmer Biomet product or technology every 8 seconds.
As a Zimmer Biomet team member, you will share in our commitment to providing mobility and renewed life to people around the world. To support our talent team, we focus on development opportunities, robust employee resource groups (ERGs), a flexible working environment, location specific competitive total rewards, wellness incentives and a culture of recognition and performance awards. We are committed to creating an environment where every team member feels included, respected, empowered and recognised.
What You Can Expect
The IT Security Lead Analyst, Threat & Vulnerability Management is responsible for owning and executing the global vulnerability management program from the Bangalore Global Capability Center (GCC). This role ensures vulnerabilities are identified, prioritized, tracked, and remediate in alignment with enterprise risk tolerance, audit requirements, and regulatory obligations.
This is a handson lead analyst role, not a people manager. The Lead Analyst sets standards, drives remediation outcomes, maintains the enterprise vulnerability register, and partners with infrastructure, cloud, and application teams to reduce risk at scale.
Work Location: Bangalore
Work Mode: Hybrid (3 Days in office)
How You'll Create Impact
- Own endtoend vulnerability lifecycle management, from discovery through remediation and closure
- Operate and continuously improve vulnerability scanning, analysis, and remediation tracking processes
- Maintain and govern the enterprise vulnerability register, including ownership, status, and risk justification
- Define and apply riskbased prioritization criteria
- Track, manage, and remediate vulnerabilities identified
- Ensure remediation decisions are documented, defensible, and auditable
- Lead threat intelligence ingestion and analysis to enrich vulnerability prioritization
- Identify vulnerabilities with active exploitation risk and elevate accordingly
- Translate threat intelligence into actionable remediation guidance
Your Background
- 5-7+ years in vulnerability or security engineering
- Experience supporting large-scale enterprise environments
- Certifications preferred: CISSP, OSCP, CISM
Technologies & Tools
- Vulnerability Scanning: Qualys, Tenable, Rapid7
- Threat Intel: Recorded Future, Anomali, VirusTotal
- Cloud Security: AWS Inspector, Azure Defender
- Ticketing: ServiceNow, Jira
- DevSecOps: Snyk, Checkmarx, GitHub Security
EOE/M/F/Vet/Disability
