Vulnerability Assessment Analyst
Job Summary
Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations and for making a difference to our clients and society. Our workplace embraces diversity and inclusion its a place where you can grow belong and thrive.
The Vulnerability Assessment Specialist is a seasoned subject matter expert responsible for conducting advanced vulnerability assessments identifying vulnerabilities and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organizations systems and infrastructure.
This role requires collaboration with cross-functional teams and they lead/perform vulnerability assessments analyze findings and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices.
- Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems networks applications and infrastructure components.
- Analyzes scan results and prioritizes vulnerabilities based on severity impact and exploitability.
- Assesses the potential risks associated with identified vulnerabilities.
- Analyzes the business impact likelihood of exploitation and potential attack vectors to prioritize remediation efforts based on risk severity.
- Provides detailed remediation recommendations to system owners administrators and IT teams.
- Collaborates to develop practical mitigation strategies configuration changes and patch management processes to address identified vulnerabilities.
- Utilizes vulnerability scanning tools such as Nessus OpenVAS Qualys or similar tools to conduct scans configure scan policies and fine-tune scan parameters for accurate and comprehensive assessments.
- Prepares vulnerability assessment reports documenting assessment findings risk analysis and recommended actions.
- Communicates assessment results to stakeholders including technical and non-technical audiences in a clear and concise manner.
- Collaborates with cross-functional teams including IT operations development teams and security stakeholders to ensure effective communication coordination and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders.
- Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices secure coding and security hygiene.
- Promotes a culture of security awareness within the organization.
- Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents.
- Provides support during incident response efforts and contribute to post-incident analysis and remediation.
- Stays updated with the latest security trends emerging vulnerabilities and industry best practices.
- Contributes to the enhancement of vulnerability assessment processes methodologies and tools.
- Shares knowledge and provides guidance to improve vulnerability management practices.
- Performs any other related task as required.
- Seasoned understanding of vulnerability assessment methodologies tools and industry best practices.
- Seasoned understanding of networking concepts operating systems and common software vulnerabilities.
- Solid proficiency in using vulnerability assessment tools such as Nessus OpenVAS Qualys or similar tools.
- Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities.
- Solid knowledge of vulnerability management frameworks such as CVE CVSS and common vulnerability databases.
- Strong analytical and problem-solving skills to analyze scan results prioritize vulnerabilities and recommend effective remediation actions.
- Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders.
- Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders.
- Seasoned familiarity with security frameworks standards and regulatory compliance requirements.
- Bachelors degree or equivalent in Computer Science Information Security or a related field.
- Relevant certifications such as Certified Ethical Hacker (CEH) Certified Information Systems Security Professional (CISSP) or GIAC Certified Vulnerability Assessor (GCVA) are beneficial.
- Seasoned demonstrated experience in information security or related roles with a focus on conducting vulnerability assessments and providing remediation recommendations.
- Seasoned demonstrated experience in conducting advanced vulnerability assessments including application security assessments penetration testing or code review.
Workplace type:
Hybrid WorkingAbout NTT DATA
NTT DATA is a $30 billion business and technology services leader serving 75% of the Fortune
Global 100. We are committed to accelerating client success and positively impacting society through
responsible innovation. We are one of the worlds leading AI and digital infrastructure providers with
unmatched capabilities in enterprise-scale AI cloud security connectivity data centers and
application services. Our consulting and industry solutions help organizations and society move
confidently and sustainably into the digital future. As a Global Top Employer we have experts in more
than 70 countries. We also offer clients access to a robust ecosystem of innovation centers as well as
established and start-up partners. NTT DATA is part of NTT Group which invests over $3 billion each
year in R&D.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age race colour gender sexual orientation religion nationality disability pregnancy marital status veteran status or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Third parties fraudulently posing as NTT DATA recruiters
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters whether in writing or by phone in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @ email address. If you suspect any fraudulent activity please contact us.
Required Experience:
IC
About Company
NTT drives innovation globally with human-centered technology, creating a connected future for people and communities.