Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
Your day at NTT DATA
The Senior Associate Vulnerability Assessment Specialist is a developing subject matter expert, responsible for conducting vulnerability assessments, analyzing findings, and providing expert recommendations to mitigate security risks within the organization's systems and infrastructure.
This role requires collaboration with cross-functional teams, and performs vulnerability assessments, analyzes findings, and provides recommendations to mitigate security risks.
Key responsibilities:- Conducts vulnerability scans using automated tools and manual techniques to identify vulnerabilities in systems, networks, applications, and infrastructure components.
- Analyzes scan results and determine the severity, exploitability, and potential impact of identified vulnerabilities.
- Assesses the potential risks associated with identified vulnerabilities.
- Collaborates with system owners, administrators, and IT teams to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities.
- Conducts advanced vulnerability assessments, including application security assessments, penetration testing, and code review, to identify complex vulnerabilities and security weaknesses.
- Utilizes manual testing techniques and industry-standard methodologies.
- Utilizes and manages vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
- Configures and fine-tunes scan policies and parameters to enhance assessment accuracy and coverage.
- Prepares comprehensive vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions.
- Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner.
- Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Foster a culture of security awareness within the organization.
- Participates in incident response efforts related to vulnerabilities, collaborate with cross-functional teams, and contribute to post-incident analysis.
- Identifies root causes, provide recommendations for improvement, and drive preventive measures.
- Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, collaboration, and alignment on vulnerability management goals.
- Builds relationships and influence stakeholders to drive remediation efforts.
- Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools.
- Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices.
- Performs any other related task as required.
To thrive in this role, you need to have:- Understanding of vulnerability assessment methodologies, tools, and industry best practices.
- Good understanding of networking concepts, operating systems, and common software vulnerabilities.
- Proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
- Knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities.
- Strong knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases.
- Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions.
- Good written and verbal communication skills to prepare comprehensive reports and communicate technical information to diverse stakeholders.
- Familiarity with security frameworks, standards, and regulatory compliance requirements.
- Ability to collaborate and work effectively with stakeholders and cross-functional teams.
Academic qualifications and certifications:- Bachelor's degree or equivalent in Computer Science, Information Security, or a related field.
- Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Web Application Penetration Tester (GWAPT) are beneficial.
Required experience:- Moderate level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts.
- Moderate level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review
Workplace type:
Hybrid Working
About NTT DATA
NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Third parties fraudulently posing as NTT DATA recruiters
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.