Jobs
Y

Senior Vulnerability Management (VM) Analyst

Yoda Technologies Pty LtdRemote1d ago
RemoteFull-timevia indeed

Job Description

We are looking for a Senior Vulnerability Management (VM) Analyst with 5\+ years of hands\-on experience to own and drive the end\-to\-end vulnerability management lifecycle. This role is heavily focused on continuous vulnerability discovery, risk\-based prioritization, and remediation governance using Tenable, Microsoft Defender, and Cyble threat intelligence.

The candidate will act as a subject matter expert (SME) for vulnerability risk, ensuring measurable reduction in organizational exposure.

Core Responsibilities (VM\-Focused)

1\. Vulnerability Discovery \& Coverage

Execute and optimize continuous vulnerability scanning using

Tenable (Nessus, Tenable.io / Tenable.sc)

Microsoft Defender Vulnerability Management

Ensure full asset coverage across

Endpoints, servers, cloud workloads

Identify gaps in scan scope, authentication failures, and blind spots

2\. Vulnerability Analysis \& Risk Prioritization

Perform deep analysis of vulnerabilities using

CVSS scores (v3\.x)

Exploit availability (PoC, weaponization)

Cyble threat intelligence (active campaigns, KEVs)

Move beyond CVSS to a risk\-based prioritization model

Internet\-facing exposure

Asset criticality (business impact)

Lateral movement potential

Expected outcome

Actionable, prioritized vulnerability queues—not raw scan outputs

3\. Threat\-Driven Vulnerability Management

Integrate Cyble intelligence into VM workflows

Map vulnerabilities to active threat actors / campaigns

Track exploited\-in\-the\-wild (KEV) vulnerabilities

Proactively identify

Zero\-day / emerging vulnerabilities

Industry\-relevant threats

4\. Remediation Governance \& Ownership

Drive end\-to\-end remediation lifecycle

Assign, track, and follow up on vulnerabilities

Enforce remediation SLAs (aligned to severity levels)

Provide clear remediation guidance

Patching

Config fixes

Compensating controls

Key expectation

Not just detection → actual risk reduction

5\. Exposure Management (Defender Integration)

Use Microsoft Defender Exposure Score and recommendations

Continuously monitor

Security posture improvements

Vulnerability aging

Align Defender insights with Tenable findings for unified visibility

6\. Validation \& Continuous Improvement

Perform

Rescans to validate remediation

False positive elimination

Continuously refine

Scan policies

Detection accuracy

Prioritization logic

7\. Metrics, Reporting \& Stakeholder Management

Produce VM\-focused reporting

Open vs remediated vulnerabilities

SLA compliance

Aging vulnerabilities

Risk reduction trends

Communicate

High\-risk exposures to leadership

Remediation accountability to IT teams

8\. Process \& Workflow Integration

Integrate VM workflows into ticketing (e.g., HALOITSM)

Automate

Ticket creation

Escalation and SLA breach alerts

Maintain structured VM processes aligned to NIST / CIS best practices

Required Skills \& Expertise

Core VM Expertise

5\+ years specializing in Vulnerability Management (not generic SOC work)

Strong hands\-on experience in

Tenable (Nessus, Tenable.io / Tenable.sc)

Microsoft Defender Vulnerability Management

Cyble threat intelligence platform

Technical Depth

Strong understanding of

CVSS scoring \& limitations

Vulnerability exploitation lifecycle

Patch management processes

Ability to

Analyze raw scan data

Correlate vulnerabilities with active threats

Risk\-Based Thinking

Proven ability to

Prioritize vulnerabilities beyond CVSS

Align remediation with business risk

Experience implementing

Risk\-based VM programs

Experience with

KEV catalog (CISA) usage

Exposure management frameworks

Pay: ₹800,000\.00 \- ₹1,200,000\.00 per year

Benefits

  • Flexible schedule

Application Question(s)

  • What is the experience in executing VM reports and operational activities?

Work Location: Remote

Similar Jobs

Browse all jobs

Job Overview

Job type
Full-time
Work mode
Remote
Location
Anywhere in India
Posted
1d ago
Source
Indeed