**Introduction** A career in IBM Consulting is built on long-term client relationships and close collaboration worldwide. You’ll work with leading companies across industries, helping them shape their hybrid cloud and AI journeys. With support from our strategic partners, robust IBM technology, and Red Hat, you’ll have the tools to drive meaningful change and accelerate client impact. At IBM Consulting, curiosity fuels success. You’ll be encouraged to challenge the norm, explore new ideas, and create innovative solutions that deliver real results. Our culture of growth and empathy focuses on your long-term career development while valuing your unique skills and experiences. **Your role and responsibilities** As a Security Consultant specializing in Exposure Management, you will be responsible for identifying, assessing, and mitigating security risks and exposures that could impact the organization's assets, operations, financial stability, and reputation. You will develop and implement strategies to protect against various types of threats, requiring a deep understanding of cyber-security and risk management principles. Your primary responsibilities will include: * Operate and manage Vulnerability Management platforms such as Qualys, Tenable, and Rapid7 InsightVM. * Execute and administer vulnerability scans (internal, external, and authenticated) across corporate environments. * Analyze and prioritize vulnerabilities using CVSS scores, business risk, and exposure context. * Coordinate remediation activities with IT, Infrastructure, and Cloud teams. * Validate remediation efforts through patch verification and re-scans. * Manage exceptions, false positives, and risk acceptance processes. * Produce technical and executive-level reports, including risk posture, SLA compliance, and vulnerability trends. * Integrate vulnerability data with SIEM platforms and ITSM tools such as ServiceNow and Jira. * Ensure alignment with corporate security policies and industry frameworks such as NIST and ISO/IEC 27001. **Required technical and professional expertise** * 2+ years of experience in vulnerability management within corporate or enterprise environments. * Hands-on experience operating Qualys, Tenable, Rapid7 InsightVM, or similar platforms. * Hands-on experience in vulnerability scanning (internal, external, authenticated). * Solid understanding of CVSS scoring, risk-based prioritization, and exposure management. * Experience coordinating remediation with cross-functional technical teams. * Knowledge of Windows, Linux, and virtualized environments. * Basic experience working in cloud environments (AWS and Azure). * Experience producing clear and actionable technical and executive reports. * Familiarity with security frameworks such as NIST and ISO/IEC 27001. * Intermediate English level (technical reading and communication). **Preferred technical and professional experience** * Relevant security and vulnerability management certifications, such as Qualys VMDR, Tenable, Rapid7, CompTIA Security+, or ISO/IEC 27001. IBM is committed to creating a diverse environment and is proud to be an equal-opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender, gender identity or expression, sexual orientation, national origin, caste, genetics, pregnancy, disability, neurodivergence, age, veteran status, or other characteristics. IBM is also committed to compliance with all fair employment practices regarding citizenship and immigration status.