Exposure management, Vulnerability

Position Title: Manager Exposure Management

Location: Bangalore

Full time/ Part time: Full time

Job Description:

Job Summary

The Manager, Exposure Management plays a key role in identifying, analyzing, and driving mitigation of cybersecurity exposures across enterprise systems. This position focuses on vulnerability management, attack surface monitoring, and web application scanning to ensure timely detection and response to risks affecting the organization’s digital footprint. The role requires strong technical expertise, attention to detail, and the ability to work across teams to influence remediation activities and improve security posture.

Key Responsibilities

• Operate enterprise vulnerability scanning platforms, validate findings, and track remediation efforts.
• Continuously assess the organization’s internal and external attack surface for untracked assets, misconfigurations, and exposed services.
• Identify and maintain asset ownership across business units; ensure ownership data is accurate and consistently reflected in the configuration management database (CMDB).
• Collaborate with infrastructure, application, and business stakeholders to ensure timely and complete updates to asset and ownership records.
• Configure, execute, and analyze web application security scans; work with development teams to address identified issues.
• Prioritize vulnerabilities based on exploitability, threat intelligence, and business impact using structured frameworks and tooling.
• Prepare detailed reports and dashboards for various audiences, from technical teams to executive leadership.
• Partner with IT, infrastructure, and cybersecurity stakeholders to support risk-informed remediation activities.
• Contribute to ongoing process improvements and tool optimization across the exposure management lifecycle.

Basic Qualifications

• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 10 years of experience in cybersecurity, with a focus on vulnerability or exposure management.
• Master’s degree in Computer Science, Information Security, Engineering, or a related technical field AND minimum of 8 years of experience in cybersecurity, with a focus on vulnerability or exposure management.

Preferred Qualifications

• Hands-on experience with tools such as Tenable, Qualys, Rapid7, or similar platforms.
• Familiarity with web application scanning tools and techniques.
• Experience managing or supporting a CMDB and asset lifecycle processes in a large organization.
• Understanding of frameworks such as CVSS, MITRE ATT&CK, and NIST CSF.
• Strong communication and analytical skills, with the ability to explain technical risks to business stakeholders.
• Experience supporting compliance and regulatory programs in a global business context.

Benefits

•  We are committed to offering competitive benefits programs for all of our employees and enhancing our programs when necessary.

• Have peace of mind and body with our health insurance

• Drive forward your career through professional development opportunities

• Achieve your personal goals with our Employee Assistance Programme

Our commitment to you

Our greatest assets are the expertise, creativity and passion of our employees. We strive to provide a great place to work that attracts, develops and retains the best talent, promotes employee engagement, fosters teamwork and ultimately drives innovation for the benefit of our customers. We strive to create an environment where you feel that you belong, with diversity and inclusion as the engine to growth and innovation. We develop and deploy best-in-class programs and practices, providing enriching career opportunities, listening to employee feedback and always challenging ourselves to do better. This is The Carrier Way. Join us and make a difference.

Apply Now!

Carrier is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.

Job Applicant's Privacy Notice:

Click on this link to read the Job Applicant's Privacy Notice