Security Specialist - Vulnerability Management

Req ID: 295371 

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Security Specialist - Vulnerability Management to join our team in Hybrid, Karnātaka (IN-KA), India (IN).

Security Specialist – Vulnerability Management.

This position is a part of the Vulnerability Management service acting as the primary support to the lead for the Vulnerability Management team and own identifying, quantifying, and managing cyber vulnerabilities across Organization, in conjunction with other parts of the supportive teams at LII.

The role will be responsible for assessing the security vulnerabilities & threats identified by the infrastructure scan. He should work with appropriate teams across the businesses and associated 3rd parties to ensure appropriate remediation plans are defined and implemented.

Roles & Responsibilities:

• Hands-on experience working with Vulnerability assessment tools like Qualys, Nexpose, Nessus & vulnerability response (ServiceNow), Splunk.
• Perform information system security vulnerability scanning to discover and analyze vulnerabilities and characterize risks to networks, operating systems, applications, databases, and other information system components.
• Perform compliance scanning to analyze configurations and facilitate implementation of configurations and hardening settings for networks, operating systems, applications, databases, and other information system components.
• Maintaining appropriate documentation that defines the Threat & Vulnerability Management Program, Policy and Procedures
• Participated in the calls to resolve information security incidents, including internal events and targeted threats.
• Research, evaluate, and assess emerging cyber security threats, incidents, and vulnerabilities.
• Work with the stakeholders to develop and maintain a vulnerability intelligence process that monitors for emerging systems vulnerabilities.
• Prioritize the remediation of vulnerabilities based on their characteristics, such as threat intelligence, business criticality, and exploit maturity.
• Define minimum standards in relation to threat management and monitoring compliance across the businesses.
• Take responsibility for scheduling, detecting, and analyzing vulnerabilities and vulnerability-related activity affecting the organization domain.
• Help create prioritized overviews of cyber vulnerabilities by putting them in the context of IT services and business applications, leading to remediation actions by the respective parties.
• Conduct deep-dive analysis on attacks and share actionable data with partner teams.
• Ensure the accurate and timely release of vulnerability metrics.
• Report on areas of non-compliance against Policy and/or Group Standards

Person Specification:

Essential

• Good knowledge of security monitoring approaches, techniques, and widely used products to seek out security threats and improve an organization’s security posture.
• Experience with threat and vulnerability management and other security operations processes and techniques (such as identity management, cryptography, patch management, etc.). Knowledge of threats to widely used digital and technology systems, including on-prem and cloud-based solutions.
• Interprets device and application logs from various sources (i.e., Splunk, Firewalls, Proxies, Web Servers, System Logs, Packet Captures, etc.) to identify anomalies or evidence of compromise.
• Experience defining a Threat and Vulnerability Management solution using tools such as Qualys/Tenable.io/Rapid 7/Nessus/Vulnerability Response (ServiceNow)/Azure Threat management platform/Other Cloud Security Technologies.
• Minimum five to ten plus years of Experience working within a Security Operations Centre or Incident Response Team.
• Use of threat intelligence to identify potential threats, assess their impact, and provide actionable insights to the organization.
• Certification in vulnerability management related to Nessus, Nexpose & ServiceNow Vulnerability response.
• Any Certification in CEH, CompTIA PenTest+, Certified Penetration Tester (CPT), Certified Cloud Penetration Tester (CCPT) etc.

Desirable (Technical requirements)

• A broad background in information security with experience in security operations, vulnerabilities and exploitation, network security, and cloud security
• Relevant experience in cybersecurity architecture, engineering, and/or SOC work experience (monitoring, detection, incident response, forensics)
• Monitoring for emerging threat patterns and vulnerabilities
• Vulnerability Scheduling, monitoring & troubleshooting the tools we manage.
• Threat Report Generation based on the stakeholder's requirements.

About NTT DATA

NTT DATA is a $30 billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long term success. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure and connectivity. We are one of the leading providers of digital and AI infrastructure in the world. NTT DATA is a part of NTT Group, which invests over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. Visit us at us.nttdata.com

NTT DATA is an equal opportunity employer and considers all applicants without regarding to race, color, religion, citizenship, national origin, ancestry, age, sex, sexual orientation, gender identity, genetic information, physical or mental disability, veteran or marital status, or any other characteristic protected by law. We are committed to creating a diverse and inclusive environment for all employees. If you need assistance or an accommodation due to a disability, please inform your recruiter so that we may connect you with the appropriate team.

#LI-MIWS