Exposure management, Vulnerability

Position Title: Manager Exposure Management

Location: Bangalore

Full time/ Part time: Full time

Job Description:

Job Summary

The Manager, Exposure Management plays a key role in identifying, analyzing, and driving mitigation of cybersecurity exposures across enterprise systems. This position focuses on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks affecting the organization’s digital footprint. The role requires strong technical expertise, attention to detail, and the ability to work across teams to influence remediation activities and improve security posture.

Key Responsibilities

• Operate enterprise vulnerability scanning platforms, validate findings, and track remediation efforts.
• Continuously assess the organization’s internal and external attack surface for untracked assets, misconfigurations, and exposed services.
• Identify and maintain asset ownership across business units; ensure ownership data is accurate and consistently reflected in the configuration management database (CMDB).
• Collaborate with infrastructure, application, and business stakeholders to ensure timely and complete updates to asset and ownership records.
• Configure, execute, and analyze web application security scans; work with development teams to address identified issues.
• Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tooling.
• Prepare detailed reports and dashboards for various audiences, from technical teams to executive leadership.
• Partner with IT, infrastructure, and cybersecurity stakeholders to support risk-informed remediation activities.
• Contribute to ongoing process improvements and tool optimization across the exposure management lifecycle.

Basic Qualifications

• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 10 years of experience in cybersecurity, with a focus on vulnerability or exposure management.
• Master’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management.

Preferred Qualifications

• Hands-on experience with tools such as Tenable, Qualys, Rapid7, or similar platforms.
• Familiarity with web application scanning tools and techniques.
• Experience managing or supporting a CMDB and asset lifecycle processes in a large organization.
• Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF.
• Strong communication and analytical skills, with the ability to explain technical risks to business stakeholders.
• Experience supporting compliance and regulatory programs in a global business context.

Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Job Applicant's Privacy Notice:

Click on this link to read the Job Applicant's Privacy Notice