Senior Associate Vulnerability Assessment Specialist

Continue to make an impact with a company that is pushing the boundaries of what is possible. At NTT DATA, we are renowned for our technical excellence, leading innovations, and making a difference for our clients and society. Our workplace embraces diversity and inclusion – it's a place where you can continue to grow, belong, and thrive.

Your career here is about believing in yourself and seizing new opportunities and challenges. It's about expanding your skills and expertise in your current role and preparing yourself for future advancements. That's why we encourage you to take every opportunity to further your career within our great global team.

Your day at NTT DATA
The Senior Associate Vulnerability Assessment Specialist is a developing subject matter expert, responsible for conducting vulnerability assessments, analyzing findings, and providing expert recommendations to mitigate security risks within the organization's systems and infrastructure.

This role requires collaboration with cross-functional teams, and performs vulnerability assessments, analyzes findings, and provides recommendations to mitigate security risks.

Key responsibilities:

• Conducts vulnerability scans using automated tools and manual techniques to identify vulnerabilities in systems, networks, applications, and infrastructure components.
• Analyzes scan results and determine the severity, exploitability, and potential impact of identified vulnerabilities.
• Assesses the potential risks associated with identified vulnerabilities.
• Collaborates with system owners, administrators, and IT teams to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities.
• Conducts advanced vulnerability assessments, including application security assessments, penetration testing, and code review, to identify complex vulnerabilities and security weaknesses.
• Utilizes manual testing techniques and industry-standard methodologies.
• Utilizes and manages vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
• Configures and fine-tunes scan policies and parameters to enhance assessment accuracy and coverage.
• Prepares comprehensive vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions.
• Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner.
• Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Foster a culture of security awareness within the organization.
• Participates in incident response efforts related to vulnerabilities, collaborate with cross-functional teams, and contribute to post-incident analysis.
• Identifies root causes, provide recommendations for improvement, and drive preventive measures.
• Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, collaboration, and alignment on vulnerability management goals.
• Builds relationships and influence stakeholders to drive remediation efforts.
• Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools.
• Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices.
• Performs any other related task as required.

To thrive in this role, you need to have:

• Understanding of vulnerability assessment methodologies, tools, and industry best practices.
• Good understanding of networking concepts, operating systems, and common software vulnerabilities.
• Proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
• Knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities.
• Strong knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases.
• Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions.
• Good written and verbal communication skills to prepare comprehensive reports and communicate technical information to diverse stakeholders.
• Familiarity with security frameworks, standards, and regulatory compliance requirements.
• Ability to collaborate and work effectively with stakeholders and cross-functional teams.

Academic qualifications and certifications:

• Bachelor's degree or equivalent in Computer Science, Information Security, or a related field.
• Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Web Application Penetration Tester (GWAPT) are beneficial.

Required experience:

• Moderate level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts.
• Moderate level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review

Workplace type:

Hybrid Working

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Accelerate your career with us. Apply today

---