Vulnerability Management & Remediation Lead

8 years

2 - 8 Lacs

Posted: 10 hours ago | Platform: GlassDoor

Work Mode

Remote

Job Type

Part Time

Job Description

About Us
We are a leading global financial technology company transforming how the securities finance industry trades, settles, and analyzes data. Our award-winning Trading, Post-Trade, Data & Analytics, RegTech, and SaaS solutions power efficiency, transparency, and innovation for over 200 of the world's top financial institutions. Every month, our platform supports over $2.4 trillion in executed transactions, a testament to our technology's impact and reliability. With offices across North America, UK&I, and APAC, we bring together diverse teams of technologists, data experts, and business professionals who thrive on solving complex challenges at scale. We are Great Place to Work Certified™ in the US, UK, Ireland, and India and have been recognized for Diversity & Inclusion excellence as well as for being the Best Post-Trade Service Provider and Best Market Data Provider Globally (Securities Finance Times Industry Excellence Awards, 2023). Founded in 2001 by ten of the world's leading financial institutions, we continue to shape the future of securities finance under the majority ownership of Welsh, Carson, Anderson & Stowe (WCAS) alongside founding shareholders and customers including Bank of America, Bank of New York, BlackRock, Goldman Sachs, Morgan Stanley, National Bank of Canada, State Street, UBS and Wells Fargo. Join us and be part of a company where global impact, innovation, and collaboration define how we work and what we build.

About the Role
We are looking for a Vulnerability Management & Remediation Lead to join our global Cybersecurity team in Bengaluru. In this role, you will own and evolve the enterprise vulnerability management lifecycle, ensuring vulnerabilities across our hybrid environment consisting of AWS, on-prem VxRail infrastructure, endpoints, and network devices are identified, prioritized, and remediated within defined SLAs. You will partner closely with our Infrastructure, Cloud, DevOps, and Application Security teams to embed a proactive and risk-based approach to vulnerability and patch management, supporting ISO 27001, SOC 2, and client assurance programs.

What you'll do

  • Operate and manage Rapid7 InsightVM to perform continuous internal and external scans across cloud, on-prem, and endpoint assets.
  • Define and mature the enterprise vulnerability lifecycle, including scanning cadence, asset onboarding, SLA management, and exception workflows.
  • Integrate vulnerability data with other EquiLend security platforms — Rapid7 InsightIDR, CrowdStrike Falcon, Delinea PAM, Prisma Access, and GitHub Advanced Security — to enrich risk context and automate prioritization.
  • Correlate external exposure data from Attack Surface Management (ASM) with internal vulnerability findings to identify exploitable weaknesses.
  • Drive SLA-based remediation by coordinating with Infrastructure, Cloud, and DevOps teams; track and escalate overdue vulnerabilities through Jira dashboards and automated reports.
  • Develop and maintain dashboards and KPIs to communicate program effectiveness to leadership, auditors, and the Board Audit Committee.
  • Define and enforce vulnerability and patch management policies aligned with ISO 27001 Annex A.12.6, SOC 2 CC7.1, and DORA operational resilience expectations.
  • Coordinate exception management and compensating controls for vulnerabilities that cannot be remediated immediately.
  • Incorporate threat intelligence to focus on vulnerabilities under active exploitation.
  • Continuously improve automation using InsightVM APIs, Python, or PowerShell scripts for reporting, asset ingestion, and SLA tracking.

What we need

  • 8+ years of experience in Vulnerability Management, Security Operations, or Systems Administration.
  • Hands-on experience with Rapid7 InsightVM (required). Experience with Nexpose, Qualys, or Tenable is an advantage.
  • Strong technical understanding of Windows, Linux, networking, and cloud (AWS).
  • Familiarity with containerized workloads, Kubernetes, and CI/CD security.
  • Demonstrated ability to influence and drive remediation efforts across technical teams.
  • Proficient in CVSS scoring, risk-based prioritization, and vulnerability lifecycle management.
  • Scripting experience (Python or PowerShell) to automate reports and workflows.
  • Strong stakeholder management and communication skills to translate technical risk into business impact.
  • Certifications: CISSP, CISM, Security+, CEH, or Rapid7 Certified Administrator preferred.
  • Bachelor's degree in Information Security, Computer Science, or related discipline.

Benefits

  • Variable Pay: Annual performance related variable pay award on top of your fixed CTC to reward your performance and contributions to the company's success.
  • Hybrid Working: Our hybrid work policy requires all employees to work from the office approximately 3 days per week (50 work from home days per 6 months annually).
  • Generous Vacation Days Per Year: Take advantage of paid vacation days annually, plus public bank holidays.
  • Family Health Insurance Coverage: Comprehensive health insurance coverage for you and your dependents available from your first day.
  • Personal Accidental Injury Insurance: Feel secure with personal accidental injury insurance provided from the start of your employment.
  • Annual Team Building Retreat: Participate in an annual team-building retreat at a new and exciting location each year.
  • Relocation Assistance: If you're relocating from more than 40 miles away, we provide hotel accommodation and travel ticket reimbursement to help ensure a smooth transition.

Diversity & Inclusion
At EquiLend, we are committed to fostering an inclusive and diverse workplace where everyone is respected and valued. We believe that a variety of perspectives drives innovation and strengthens our success. If you require any reasonable accommodations during the interview process, please let us know - we're here to support you.

#LI-Hybrid

EquiLend

Financial Technology

New York