Vulnerability Analyst

Vulnerability Analyst

Location: Kharadi, Pune

We're looking for a Vulnerability Management Analyst to support all phases of our Vulnerability Management (VM) program—identification, classification, prioritization, remediation, and review. You'll work closely with developers, security engineers, and IT teams, driving collaboration and documentation across enterprise and product environments. Reporting to the VAPT & EASM Managing Consultant, you'll help enhance and automate our security assessment tools, including SAST, DAST, cloud-native tools, scan engines, and penetration test report integrations. This hands-on role is ideal for someone experienced in technical security operations and passionate about improving vulnerability detection and response.

What will you be doing?

• Perform support activities for product and application security testing, including the assessment, configuration, and maintenance of application security assessments. Plus, triage and reporting of findings to engineering teams.
• Perform support activities for enterprise security vulnerability management and attack surface management, including the configuration, maintenance, triage, and reporting of security findings and coordination with supporting groups.
• Contribute to continuous service improvement, developing processes, work instructions, reports, methodologies, and frameworks to drive higher quality outcomes or improve efficiency through automation or AI. This should be done in the context of the developing threat landscape, including threat actors, malware, campaigns, and other factors as necessary to ensure S N practice stays aligned to threats.
• Provide technical subject matter expertise to projects and initiatives aimed at improving the capability and maturity of the wider Smith & Nephew information security practices.

What will you need to be successful?

• Bachelor's degree in computer science or a related subject is preferred.
• Background in engineering, computer science, or information security.
• At least 2 years of experience in penetration testing, adversary emulation, red teaming, incident response, vulnerability management, or application testing.
• Experience with at least one programming language with knowledge of secure coding practices.
• Familiarity with vulnerability management solutions such as Tenable, Rapid7, Qualys, etc.
• Understanding of continuous integration environments and code repositories.
• Understanding of offensive security tools and frameworks, as well as knowledge in the exploitation process of vulnerabilities.
• Strong understanding of network protocols, operating systems, public cloud, web applications, and other common IT components.
• Effective report writing with clear structure and risk-prioritized actionable findings.
• Excellent written and oral communication skills, service mindset, and analytical approach to problem solving.
• Ability to work independently without daily direction, balancing conflicting priorities, and effectively tracking and managing task completion to committed deadlines.
• Familiarity with web-related technologies (Web applications, Web Services, service-oriented architectures, servers), network/web-related protocols, and cloud environments (Azure/AWS).
• Basic knowledge of software development processes, programming languages, and secure coding practices.
• Thorough understanding of the latest security principles, techniques, and protocols

You Unlimited.

We believe in crafting the greatest good for society. Our strongest investments are in our people and the patients we serve.

Inclusion Belonging: Committed to Welcoming, Celebrating, and Thriving. Learn more about Employee Inclusion Groups on our website ).

Other reasons why you will love it here

• Your Future: Major medical coverage policy exclusions and insurance non-medical limit. Educational Assistance.
• Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
• Your Wellbeing: Parents'/Parents-in-Law's Insurance (Employee Contribution of 8,000/- Annually), Employee Assistance Program, Parental Leave.
• Flexibility: Hybrid Work Model (For most professional roles)
• Training: Hands-On, Team-Customized, Mentorship
• Extra Perks: Free cab transport facility for all employees; one-time meal provided to all employees as per shift. Night shift allowances.

#LI-DP1

We're more than just a company - we're a community Follow us on LinkedIn to see how we support and empower our employees and patients every day.

Check us out on Glassdoor for a glimpse behind the scenes and a sneak peek into You. Unlimited., life, culture, and benefits at S N.

Explore our website and learn more about our mission, our team, and the opportunities we offer.