Job Overview:
Role: Consultant – Vulnerability Management
Experience: 5–8 Years
Locations: Indore, Pune, Hyderabad, Bangalore
We are hiring a Consultant – Vulnerability Management with strong hands-on experience in enterprise vulnerability assessment, risk-based prioritization, and end-to-end vulnerability lifecycle management across on-prem, cloud, and application environments.
Key Responsibilities:
- Manage end-to-end vulnerability management lifecycle including discovery, assessment, prioritization, remediation, and reporting.
- Perform regular vulnerability scans using tools like Qualys / VMDR across servers, networks, cloud, and applications.
- Analyze and validate scan results to eliminate false positives.
- Prioritize vulnerabilities using CVSS, EPSS, exploitability, asset criticality, and threat context.
- Track and manage CVE exposure and emerging threats.
- Drive vulnerability remediation tracking through tools like ServiceNow or similar ITSM platforms.
- Create dashboards, metrics, and executive-level reports for leadership and compliance stakeholders.
- Support audits, compliance requirements, and security posture improvement initiatives.
- Continuously enhance vulnerability management processes and frameworks.
Required Skills:
- 5–8 years of hands-on experience in Vulnerability Management.
- Strong expertise with Qualys / Qualys VMDR (mandatory).
- In-depth understanding of CVSS, EPSS, risk-based vulnerability prioritization, and exploit analysis.
- Experience working with servers, networks, cloud platforms, and applications.
- Familiarity with CVE tracking, remediation workflows, and SLA management.
- Experience with ServiceNow or similar ticketing/ITSM tools.
- Strong analytical, reporting, and stakeholder communication skills.
If you're passionate about strengthening organizational security through risk-driven vulnerability management, we'd love to hear from you!
