Vulnerability Assessment Specialist

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Vulnerability Assessment Specialist is a seasoned subject matter expert, responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organization's systems and infrastructure.

This role requires collaboration with cross-functional teams, and they lead/perform vulnerability assessments, analyze findings, and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices.

What you'll be doing

Key Responsibilities:

• Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components.
• Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability.
• Assesses the potential risks associated with identified vulnerabilities.
• Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity.
• Provides detailed remediation recommendations to system owners, administrators, and IT teams.
• Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities.
• Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments.
• Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions.
• Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner.
• Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders.
• Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene.
• Promotes a culture of security awareness within the organization.
• Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents.
• Provides support during incident response efforts and contribute to post-incident analysis and remediation.
• Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices.
• Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools.
• Shares knowledge and provides guidance to improve vulnerability management practices.
• Performs any other related task as required.

Knowledge and Attributes:

• Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices.
• Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities.
• Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
• Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities.
• Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases.
• Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions.
• Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders.
• Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders.
• Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements.

Academic Qualifications and Certifications:

• Bachelor's degree or equivalent in Computer Science, Information Security, or a related field.
• Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Vulnerability Assessor (GCVA) are beneficial.

Required Experience:

• Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations.
• Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review.

Workplace type:

Hybrid Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.