Cybersecurity – Lab Security Plan Assessor

Cybersecurity – Lab Security Plan Assessor

This role has been designed as ‘’Onsite’ with an expectation that you will primarily work from an HPE office.

Job Description:

HPE’s Cybersecurity team is where you can do just that! We’re looking for a dynamic and experienced offensive security expert to join our Offensive Security Special Ops team. If you’re passionate about shaping the future of cybersecurity by applying offensive security skills to make defense better, join us!

Overview:

We are seeking an experienced cybersecurity professional to review, assess, and validate cybersecurity and operational plans submitted by business-owned lab environments within a segmented network architecture. These labs—used for development, testing, customer simulations, and product research—operate outside the standard corporate network and must comply with a defined set of security control standards.

The professional will act as a subject matter expert (SME) to review lab owner submissions, assess their security posture against policy, identify compliance gaps, and recommend pragmatic remediation actions to reduce risk while enabling business outcomes.

What you’ll do:

• Review lab network and cybersecurity plans submitted by business units.
• Assess compliance with organizational security policies, standards and specifications.
• Evaluate technical controls including network segmentation, firewalls, endpoint security (EDR), and network detection and response (NDR).
• Identify and document compliance levels, risks, and deviations from policy.
• Provide detailed, actionable remediation guidance and recommendations.
• Collaborate with lab owners and business teams to clarify intent, resolve ambiguities, and guide remediation efforts.
• Track progress of remediations and support the approval process for lab network operations.
• Participate in continuous improvement of assessment methods and templates.

What you need to bring:

• 10+ years of experience in cybersecurity and network security roles, with strong knowledge of security architecture and operations.
• Proven experience assessing segmented or isolated environments such as labs, research zones, or air-gapped networks.
• Deep understanding of network security fundamentals: firewalls, VLANs, subnets, routing, VPNs, IDS/IPS, NAC.
• Strong experience with endpoint and network security tooling: EDR (e.g., CrowdStrike), NDR, vulnerability management.
• Familiarity with interpreting and applying security policies.
• Ability to assess risk in complex environments and communicate clearly with both technical and non-technical stakeholders.
• Strong documentation and reporting skills; experience in producing audit-ready compliance assessments or risk reports.
• Comfortable working autonomously and driving progress with multiple business stakeholders.

Preferred Qualifications:

• Experience working in large enterprise environments with segmented lab networks.
• Understanding of Zero Trust Architecture principles and their application in lab or development environments.
• Familiarity with cybersecurity compliance assessments, e.g., internal policy audits, ISO 27001, NIST 800-53/CSF.
• Preferred industry certifications such as CISSP, CISM, GSEC, GICSP, or CCNP Security.

Soft Skills:

• Highly organized, detail-oriented, and methodical in assessment and documentation.
• Strong interpersonal and collaboration skills—comfortable engaging with diverse stakeholders including engineers, researchers, and IT security.
• Pragmatic mindset—able to balance policy compliance with enabling innovative business activities in non-traditional environments.

Deliverables:

• Assessment reports for each submitted lab cybersecurity and operational plan.
• Risk classification and gap analysis aligned to defined control requirements.
• Remediation recommendations with prioritized actions and justifications.
• Participation in governance or review boards (if required).

Accountability, Accountability, Active Learning, Active Listening, Bias, Business Growth, Change Management, Client Expectations Management, Coaching, Creativity, Critical Thinking, Cross-Functional Teamwork, Customer Centric Solutions, Design Thinking, Empathy, Follow-Through, Growth Mindset, Information Technology (IT) Infrastructure, Infrastructure as a Service (IaaS), Intellectual Curiosity (Inactive), Long Term Planning, Managing Ambiguity, Process Improvements, Product Services, Relationship Building {+ 5 more}

Health & Wellbeing

We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

Personal & Professional Development

We also invest in your career because the better you are, the better we all are. We have specific programs catered to helping you reach any career goals you have — whether you want to become a knowledge expert in your field or apply your skills to another division.

Unconditional Inclusion

We are unconditionally inclusive in the way we work and celebrate individual uniqueness. We know varied backgrounds are valued and succeed here. We have the flexibility to manage our work and personal needs. We make bold moves, together, and are a force for good.

#india

#cybersecurity, #legalandadmin

Job:

Information Technology

Job Level:

TCP_04

    

    

Hewlett Packard Enterprise is EEO Protected Veteran/ Individual with Disabilities.

HPE will comply with all applicable laws related to employer use of arrest and conviction records, including laws requiring employers to consider for employment qualified applicants with criminal histories.

   

No Fees Notice & Recruitment Fraud Disclaimer

 

It has come to HPE’s attention that there has been an increase in recruitment fraud whereby scammer impersonate HPE or HPE-authorized recruiting agencies and offer fake employment opportunities to candidates.  These scammers often seek to obtain personal information or money from candidates.

 

Please note that Hewlett Packard Enterprise (HPE), its direct and indirect subsidiaries and affiliated companies, and its authorized recruitment agencies/vendors will never charge any candidate a registration fee, hiring fee, or any other fee in connection with its recruitment and hiring process.  The credentials of any hiring agency that claims to be working with HPE for recruitment of talent should be verified by candidates and candidates shall be solely responsible to conduct such verification. Any candidate/individual who relies on the erroneous representations made by fraudulent employment agencies does so at their own risk, and HPE disclaims liability for any damages or claims that may result from any such communication.