Senior Associate Specialist - VMaaS

Make an impact with NTT DATA
Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Senior Associate Specialist - VMaaS is a developing subject matter expert, responsible for conducting vulnerability assessments, analyzing findings, and providing expert recommendations to mitigate security risks within the organization's systems and infrastructure.

This role requires collaboration with cross-functional teams, and performs vulnerability assessments, analyzes findings, and provides recommendations to mitigate security risks.

What you'll be doing

Key Responsibilities:

• Conducts vulnerability scans using automated tools and manual techniques to identify vulnerabilities in systems, networks, applications, and infrastructure components.
• Analyzes scan results and determine the severity, exploitability, and potential impact of identified vulnerabilities.
• Assesses the potential risks associated with identified vulnerabilities.
• Collaborates with system owners, administrators, and IT teams to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities.
• Conducts advanced vulnerability assessments, including application security assessments, penetration testing, and code review, to identify complex vulnerabilities and security weaknesses.
• Utilizes manual testing techniques and industry-standard methodologies.
• Utilizes and manages vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
• Configures and fine-tunes scan policies and parameters to enhance assessment accuracy and coverage.
• Prepares comprehensive vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions.
• Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner.
• Participates in security awareness programs and provide training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene. Foster a culture of security awareness within the organization.
• Participates in incident response efforts related to vulnerabilities, collaborate with cross-functional teams, and contribute to post-incident analysis.
• Identifies root causes, provide recommendations for improvement, and drive preventive measures.
• Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, collaboration, and alignment on vulnerability management goals.
• Builds relationships and influence stakeholders to drive remediation efforts.
• Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools.
• Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices.
• Performs any other related task as required.

Knowledge and Attributes:

• Understanding of vulnerability assessment methodologies, tools, and industry best practices.
• Good understanding of networking concepts, operating systems, and common software vulnerabilities.
• Proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools.
• Knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities.
• Strong knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases.
• Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions.
• Good written and verbal communication skills to prepare comprehensive reports and communicate technical information to diverse stakeholders.
• Familiarity with security frameworks, standards, and regulatory compliance requirements.
• Ability to collaborate and work effectively with stakeholders and cross-functional teams.

Academic Qualifications and Certifications:

• Bachelor's degree or equivalent in Computer Science, Information Security, or a related field.
• Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Web Application Penetration Tester (GWAPT) are beneficial.

Required Experience:

• Moderate level of relevant experience in information security or related roles, with a focus on conducting vulnerability assessments and driving remediation efforts.
• Moderate level of demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review

Workplace type:

Hybrid Working

About NTT DATA
NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer
NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.