Senior Vulnerability Management (VM) Analyst
Join Our Community
Job Description
We are looking for a Senior Vulnerability Management (VM) Analyst with 5\+ years of hands\-on experience to own and drive the end\-to\-end vulnerability management lifecycle. This role is heavily focused on continuous vulnerability discovery, risk\-based prioritization, and remediation governance using Tenable, Microsoft Defender, and Cyble threat intelligence.
The candidate will act as a subject matter expert (SME) for vulnerability risk, ensuring measurable reduction in organizational exposure.
Core Responsibilities (VM\-Focused)
1\. Vulnerability Discovery \& Coverage
Execute and optimize continuous vulnerability scanning using
Tenable (Nessus, Tenable.io / Tenable.sc)
Microsoft Defender Vulnerability Management
Ensure full asset coverage across
Endpoints, servers, cloud workloads
Identify gaps in scan scope, authentication failures, and blind spots
2\. Vulnerability Analysis \& Risk Prioritization
Perform deep analysis of vulnerabilities using
CVSS scores (v3\.x)
Exploit availability (PoC, weaponization)
Cyble threat intelligence (active campaigns, KEVs)
Move beyond CVSS to a risk\-based prioritization model
Internet\-facing exposure
Asset criticality (business impact)
Lateral movement potential
Expected outcome
Actionable, prioritized vulnerability queues—not raw scan outputs
3\. Threat\-Driven Vulnerability Management
Integrate Cyble intelligence into VM workflows
Map vulnerabilities to active threat actors / campaigns
Track exploited\-in\-the\-wild (KEV) vulnerabilities
Proactively identify
Zero\-day / emerging vulnerabilities
Industry\-relevant threats
4\. Remediation Governance \& Ownership
Drive end\-to\-end remediation lifecycle
Assign, track, and follow up on vulnerabilities
Enforce remediation SLAs (aligned to severity levels)
Provide clear remediation guidance
Patching
Config fixes
Compensating controls
Key expectation
Not just detection → actual risk reduction
5\. Exposure Management (Defender Integration)
Use Microsoft Defender Exposure Score and recommendations
Continuously monitor
Security posture improvements
Vulnerability aging
Align Defender insights with Tenable findings for unified visibility
6\. Validation \& Continuous Improvement
Perform
Rescans to validate remediation
False positive elimination
Continuously refine
Scan policies
Detection accuracy
Prioritization logic
7\. Metrics, Reporting \& Stakeholder Management
Produce VM\-focused reporting
Open vs remediated vulnerabilities
SLA compliance
Aging vulnerabilities
Risk reduction trends
Communicate
High\-risk exposures to leadership
Remediation accountability to IT teams
8\. Process \& Workflow Integration
Integrate VM workflows into ticketing (e.g., HALOITSM)
Automate
Ticket creation
Escalation and SLA breach alerts
Maintain structured VM processes aligned to NIST / CIS best practices
Required Skills \& Expertise
Core VM Expertise
5\+ years specializing in Vulnerability Management (not generic SOC work)
Strong hands\-on experience in
Tenable (Nessus, Tenable.io / Tenable.sc)
Microsoft Defender Vulnerability Management
Cyble threat intelligence platform
Technical Depth
Strong understanding of
CVSS scoring \& limitations
Vulnerability exploitation lifecycle
Patch management processes
Ability to
Analyze raw scan data
Correlate vulnerabilities with active threats
Risk\-Based Thinking
Proven ability to
Prioritize vulnerabilities beyond CVSS
Align remediation with business risk
Experience implementing
Risk\-based VM programs
Experience with
KEV catalog (CISA) usage
Exposure management frameworks
Pay: ₹800,000\.00 \- ₹1,200,000\.00 per year
Benefits
- Flexible schedule
Application Question(s)
- What is the experience in executing VM reports and operational activities?
Work Location: Remote
Similar Jobs
Browse all jobsJob Overview
- Job type
- Full-time
- Work mode
- Remote
- Location
- Anywhere in India
- Posted
- 1d ago
- Source
- Indeed