Associate Vulnerability Assessment Specialist

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can grow, belong and thrive.

Your day at NTT DATA
The Associate Vulnerability Assessment Specialist is an entry level role, responsible for assisting in identifying, assessing, and mitigating vulnerabilities within the company's systems and infrastructure.

This role works closely with more senior team members within the vulnerability management team to conduct assessments, analyze findings, and recommend remediation actions.

Key responsibilities:

• Conducts vulnerability scans using automated tools and assist in manual assessments to identify vulnerabilities in systems, networks, applications, and infrastructure components.
• Analyzes scan results and determine the severity and potential impact of identified vulnerabilities.
• Assists in evaluating the potential risks associated with identified vulnerabilities.
• Analyzes the context, potential attack vectors, and business impact to prioritize vulnerabilities based on risk severity and exploitability.
• Collaborates with system owners, administrators, and IT teams to provide guidance on vulnerability remediation.
• Recommends mitigation measures, configuration changes, and patches to address identified vulnerabilities.
• Tracks and verifies the closure of remediation actions.
• Assists in preparing vulnerability assessment reports, documenting assessment findings, and recommending risk mitigation strategies.
• Maintains accurate records of vulnerability assessments, tracking progress, and maintaining vulnerability databases.
• Utilizes vulnerability assessment tools and technologies to conduct scans, analyze results, and assist in identifying emerging threats.
• Stays updated with the latest vulnerabilities, exploits, and security trends to enhance assessment methodologies.
• Works closely with cross-functional teams, including IT operations, development teams, and security stakeholders, to communicate vulnerability findings, mitigation strategies, and remediation progress.
• Provides guidance and assistance to ensure a coordinated response to vulnerabilities.
• Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene to promote a culture of security awareness.
• Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools.
• Identifies areas for improvement and recommend solutions to enhance efficiency and effectiveness in vulnerability management practices.
• Performs any other task as required.

To thrive in this role, you need to have:

• Familiarity with vulnerability assessment methodologies, tools, and industry best practices.
• Basic understanding of networking concepts, operating systems, and common software vulnerabilities.
• Knowledge of vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools.
• Understanding of risk analysis principles and the ability to assess the business impact of vulnerabilities.
• Familiarity with vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases.
• Good analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend remediation actions.
• Good communication skills, both written and verbal, to effectively communicate technical concepts to non-technical stakeholders.
• Ability to collaborate and work effectively in cross-functional teams.
• Familiarity with security frameworks and standards, such as NIST, ISO 27001, or CIS Controls, is advantageous.

Academic qualifications and certifications:

• Bachelor's degree or equivalent in Computer Science, Information Security, or a related field.
• Relevant certifications, such as Certified Ethical Hacker (CEH), CompTIA Security+, or GIAC Certified Penetration Tester (GPEN), are beneficial but not required.

Required experience:

• Entry level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts.
• Entry level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review.

Workplace type:

Hybrid Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

---