Job Title: Exposure Management / Vulnerability Management (VM) Engineer
Role Summary
The Exposure Management / VM Engineer is responsible for identifying, analyzing, prioritizing, and driving remediation of vulnerabilities and security exposures across enterprise environments, leveraging risk-based approaches to reduce overall attack surface.
Perform and manage vulnerability scanning across infrastructure, endpoints, applications, and cloud environments
Analyze findings and prioritize remediation based on risk, exploitability, and business impact
Drive vulnerability lifecycle: discovery → validation → remediation → closure
Correlate vulnerabilities with threat intelligence and exposure context (CTEM approach)
Configure and manage exposure management tools (Tenable One, Tenable.io/sc, Qualys, Rapid7)
Integrate VM tools with Tanium, ServiceNow CMDB, SIEM, and asset management platforms
Support API integration and automation of scanning, ticketing, and reporting workflows
Partner with infrastructure, application, and cloud teams to drive remediation activities
Implement compensating controls where patching is not immediately feasible
Support patch management and configuration hardening initiatives
Develop risk-based dashboards and reports (exposure trends, SLA adherence, coverage)
Identify recurring vulnerabilities and root causes
Provide insights to support prioritization and decision-making
Support audit, compliance, and regulatory requirements (NIST, CIS, SOX, etc.)
Improve vulnerability prioritization using risk scoring, asset criticality, and exploit data
Enhance automation, coverage, and program maturity aligned to CTEM framework
Strong experience in vulnerability management and exposure management lifecycle
Hands-on expertise with Tenable (preferred), Qualys, or Rapid7
Knowledge of CVEs, CVSS scoring, exploitability, and threat context
Experience with enterprise environments (Windows, Linux, network, cloud)
Familiarity with Tanium (Deploy/Comply), ServiceNow, and CMDB integrations
Understanding of patching, configuration management, and remediation workflows
Scripting/automation experience (Python, PowerShell, APIs)
Strong analytical and problem-solving skills
Experience with Tenable One and CTEM (Continuous Threat Exposure Management)
Knowledge of MITRE ATT&CK, threat intelligence, and exploit frameworks
Exposure to cloud security (AWS, Azure) and container environments
Experience with Power BI/Tableau dashboards for VM reporting
Security+, CEH, CISSP, GIAC VM certifications
Vulnerability scan reports and prioritized remediation plans
Risk-based exposure dashboards and metrics
Automated workflows (scan → ticket → remediation tracking)
Integration artifacts (VM ↔ Tanium ↔ ServiceNow ↔ CMDB)
Root cause analysis and continuous improvement recommendations
Success Metrics
Reduction in critical/high vulnerabilities within SLA
Improved remediation cycle time and throughput
Increased asset coverage and scan completeness
Reduction in repeat/recurring vulnerabilities
Enhanced visibility into enterprise exposure and risk posture
Thanks,
rochauhan@goavancer.com
Work Location: Hybrid remote in Pune, Maharashtra (Pune, Pune District)