← All jobs
E

Associate Consultant - Technology Infrastructure Compliance

EXL

Posted 24 Jun 2026

NoidaHigh payGreat Place to Work
Apply on EXL

Research EXL before you apply

Check ratings, real-employee reviews, verified pay, and interview difficulty.

Glassdoor reviewsRatings, pros/cons, CEO approvalAmbitionBoxIndia reviews, salaries, interviewsLevels.fyiVerified compensation by levelLinkedInPeople, growth, your connections

Infrastructure Engineer responsible for end-to-end vulnerability management across business solutions infrastructure, ensuring accurate asset inventory (CMDB), proper reporting, vulnerability assignment, timely remediation, and measurable risk reduction

Responsibilities

  • Vulnerability Management Operations

    - Own lifecycle of vulnerabilities from detection through remediation and validation

    - Analyze vulnerability scan outputs and prioritize remediation

    - Ensure vulnerabilities are assigned and tracked to closure

    - Drive SLA adherence across severity levels

    - Coordinate remediation with InfraSec and asset owners

    - enhance and improve current process

    - work with application owners to help them remediate application related vulnerabilities

     

    CMDB & Asset Inventory Management

    - Maintain accurate CMDB and asset inventory (servers, cloud, application ownership)``

    - Validate scan coverage against CMDB and identify gaps

    - Improve asset-to-owner mapping for accountability

     

    Remediation Tracking & Coordination

    - Drive weekly/monthly remediation tracking cycles

    - Coordinate between application owners, infra teams, and security

    - Escalate overdue vulnerabilities and track progress

     

    Ticketing & Workflow Management

    - Create and manage remediation tickets (ServiceNow/Jira)

    - Ensure proper categorization, SLA tracking, and audit trail

    - Automate routing and assignment where possible

     

    Rescanning & Validation

    - Execute post-remediation rescans to validate closure

    - Track false positives and exceptions with approvals

    - Maintain audit-ready evidence

     

    Reporting & Metrics

    - Produce dashboards: open vulnerabilities, SLA compliance, MTTR, aged findings

    - Publish executive summaries and operational reports

    - Identify trends and systemic issues

     

    Process & Automation Improvement

    - Identify opportunities to automate remediation workflows

    - Support patch automation and standardized remediation patterns

Qualifications

  • Qualifications

    - 3-5+ years experience in vulnerability management or infrastructure engineering

    - Experience with tools like Qualys, 

    - Strong understanding of OS patching, cloud infrastructure, and application vulnerabilities

    - Experience with CMDB systems and ticketing tools (ServiceNow/Jira)

    - Knowledge of CVE, CVSS scoring and prioritization

     

    Nice to Have

    - Scripting (Python, PowerShell)

    - SOAR/automation tools

    - Familiarity with compliance frameworks (HITRUST, NIST, SOC2)

     

    Key Success Metrics

    - SLA compliance for remediation

    - Reduction in aged vulnerabilities

    - CMDB accuracy

    - MTTR improvement