About this role
Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.
The Vulnerability Assessment Specialist is a seasoned subject matter expert, responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and provides expert recommendations to mitigate security risks to ensure the security and integrity of the organization's systems and infrastructure.
This role requires collaboration with cross-functional teams, and they lead/perform vulnerability assessments, analyze findings, and provide recommendations to mitigate security risks and contributes to the improvement of vulnerability management practices.
- Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components.
- Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability.
- Assesses the potential risks associated with identified vulnerabilities.
- Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity.
- Provides detailed remediation recommendations to system owners, administrators, and IT teams.
- Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities.
- Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments.
- Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions.
- Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner.
- Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders.
- Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene.
- Promotes a culture of security awareness within the organization.
- Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents.
- Provides support during incident response efforts and contribute to post-incident analysis and remediation.
- Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices.
- Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools.
- Shares knowledge and provides guidance to improve vulnerability management practices.
- Performs any other related task as required.
- Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices.
- Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities.
- Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
- Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities.
- Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases.
- Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions.
- Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders.
- Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders.
- Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements.
- Bachelor's degree or equivalent in Computer Science, Information Security, or a related field.
- Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Vulnerability Assessor (GCVA) are beneficial.
- Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations.
- Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review.
Workplace type:
Hybrid WorkingAbout NTT DATA
NTT DATA is a $30+ billion business and technology services leader, serving 75% of the Fortune Global 100. We are committed to accelerating client success and positively impacting society through responsible innovation. We are one of the world’s leading AI and digital infrastructure providers, with unmatched capabilities in enterprise-scale AI, cloud, security, connectivity, data centers and application services. Our consulting and industry solutions help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have experts in more than 50 countries. We also offer clients access to a robust ecosystem of innovation centers as well as established and start-up partners. NTT DATA is part of NTT Group, which invests over $3 billion each year in R&D.
Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.
Third parties fraudulently posing as NTT DATA recruiters
NTT DATA recruiters will never ask job seekers or candidates for payment or banking information during the recruitment process, for any reason. Please remain vigilant of third parties who may attempt to impersonate NTT DATA recruiters—whether in writing or by phone—in order to deceptively obtain personal data or money from you. All email communications from an NTT DATA recruiter will come from an @nttdata.com email address. If you suspect any fraudulent activity, please contact us.
Other facts
About NTT Ltd.
NTT DATA, Inc. is a trusted global innovator of business and technology services. We're committed to helping clients innovate, optimize and transform for long-term success. Our R&D investments help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity.
What you'll do
- The Vulnerability Assessment Specialist conducts advanced vulnerability assessments and provides expert recommendations to mitigate security risks. They collaborate with cross-functional teams to analyze findings and improve vulnerability management practices.
Ready to join NTT Ltd.?
Take the next step in your career journey