Exposure Management / Vulnerability Management (VM) Engineer

Job Title: Exposure Management / Vulnerability Management (VM) Engineer Role Summary The Exposure Management / VM Engineer is responsible for identifying, analyzing, prioritizing, and driving remediation of vulnerabilities and security exposures across enterprise environments, leveraging risk-based approaches to reduce overall attack surface.

Key Responsibilities

Vulnerability & Exposure Management

 Perform and manage vulnerability scanning across infrastructure, endpoints, applications, and cloud environments

 Analyze findings and prioritize remediation based on risk, exploitability, and business impact

 Drive vulnerability lifecycle: discovery → validation → remediation → closure

 Correlate vulnerabilities with threat intelligence and exposure context (CTEM approach)

Tooling & Platform Management

 Configure and manage exposure management tools (Tenable One, Tenable.io/sc, Qualys, Rapid7)

 Integrate VM tools with Tanium, ServiceNow CMDB, SIEM, and asset management platforms

 Support API integration and automation of scanning, ticketing, and reporting \workflows

Remediation & Risk Reduction

 Partner with infrastructure, application, and cloud teams to drive remediation activities

 Implement compensating controls where patching is not immediately feasible

 Support patch management and configuration hardening initiatives

Data Analysis & Reporting  Develop risk-based dashboards and reports (exposure trends, SLA adherence, coverage)  Identify recurring vulnerabilities and root causes

 Provide insights to support prioritization and decision-making

Governance & Continuous Improvement

 Support audit, compliance, and regulatory requirements (NIST, CIS, SOX, etc.)

 Improve vulnerability prioritization using risk scoring, asset criticality, and exploit data

 Enhance automation, coverage, and program maturity aligned to CTEM framework

Required Skills & Experience

 Strong experience in vulnerability management and exposure management lifecycle

 Hands-on expertise with Tenable (preferred), Qualys, or Rapid7

 Knowledge of CVEs, CVSS scoring, exploitability, and threat context

 Experience with enterprise environments (Windows, Linux, network, cloud)

 Familiarity with Tanium (Deploy/Comply), ServiceNow, and CMDB integrations

 Understanding of patching, configuration management, and remediation workflows

 Scripting/automation experience (Python, PowerShell, APIs)

 Strong analytical and problem-solving skills

Preferred Qualifications

 Experience with Tenable One and CTEM (Continuous Threat Exposure Management)

 Knowledge of MITRE ATT&CK, threat intelligence, and exploit frameworks

 Exposure to cloud security (AWS, Azure) and container environments

 Experience with Power BI/Tableau dashboards for VM reporting

 Certifications:

Security+, CEH, CISSP, GIAC VM certifications

Key Deliverables

 Vulnerability scan reports and prioritized remediation plans

 Risk-based exposure dashboards and metrics

 Automated workflows (scan → ticket → remediation tracking)

 Integration artifacts (VM ↔ Tanium ↔ ServiceNow ↔ CMDB)

 Root cause analysis and continuous improvement recommendations Success Metrics

 Reduction in critical/high vulnerabilities within SLA

 Improved remediation cycle time and throughput

 Increased asset coverage and scan completeness

 Reduction in repeat/recurring vulnerabilities

 Enhanced visibility into enterprise exposure and risk posture

Thanks, rochauhan@goavancer.com

Work Location: Hybrid remote in Pune, Maharashtra (Pune, Pune District)