**Vulnerability Management Analyst** **Location:**  Mumbai, India **Responsibilities:** 1. **Vulnerability Assessment and Remediation:** + Review regular vulnerability assessments across our digital assets, including endpoints, servers, applications, and network devices. + Facilitate effective remediation plans to address identified vulnerabilities. 1. **Microsoft Exposure Management:** + Leverage Microsoft Security Exposure Management1 (https://techcommunity.microsoft.com/t5/security-compliance-and-identity/introducing-microsoft-security-exposure-management/ba-p/4080907)  to gain insights into exposure risks. + Analyze data from Microsoft Defender for Cloud Security Posture Management (CSPM) and other Microsoft workloads (https://techcommunity.microsoft.com/t5/security-compliance-and-identity/introducing-microsoft-security-exposure-management/ba-p/4080907) 2 . + Identify and classify critical assets, ensuring protection against threats. 1. **Cloud Best Practices:** + Stay up-to-date with cloud security best practices, especially related to Microsoft Azure. + Facilitate implementation of security controls aligned with industry standards (e.g. ISO27001 and Microsoft security score). 1. **Collaboration and Communication:** + Communicate exposure risks to business leaders using clear KPIs and actionable insights. + Collaborate with IT teams to prioritize vulnerabilities based on risk and impact 1. **Attack Surface Management:** + Understand the organization’s attack surface and visualize potential adversary intrusion paths. + Simulate attack scenarios to identify weaknesses that attackers could exploit (https://techcommunity.microsoft.com/t5/security-compliance-and-identity/introducing-microsoft-security-exposure-management/ba-p/4080907) 3 . **Qualifications** + Minimum of 3 years of experience in vulnerability management or related security roles. + Strongly preferred to have experience with Microsoft Exposure Management, Microsoft vulnerability management module, Attack Surface Reduction, Microsoft Defender suite of products, Microsoft Intune, and Entra/Azure AD. + Preferred experience with Randori. + Experience with Orca, Randori, and/or Valence is a plus. + Familiarity with Azure security principles and best practices. + AWS experience is a plus + Knowledge of Docker containers is a plus. + Experience or knowledge of how CVSS is utilized. + Relevant certifications (e.g., CompTIA Security+, CISSP, GIAC, PenTest+, CEH) are a plus. **Skills** + Strong analytical skills with the ability to assess risk and prioritize vulnerabilities. + Excellent communication skills to convey technical information to non-technical stakeholders. + Detail-oriented and proactive in identifying security gaps. **In Return, You Can Expect** + Ongoing career opportunities at a repeat Forbes & Newsweek-listed “Best Employer for Women”, “Best Employer for Diversity”, “Best Remote Employer”, “Best Large Employer”, and “Most Loved Workplace”. + Exposure to handle large infrastructure + Support from multiple technical teams and opportunities for learning + Flexible work culture Lionbridge embraces equal employment opportunity and a diverse workforce, making hiring and employment decisions based on individual merits and talent without regard to any protected status. If you believe you need a reasonable accommodation in the online job application process for a posted position, please contact us at careers@lionbridge.com for assistance.