Who We Are
NTT DATA is one of the world's largest global security service providers, partnering with some of the most recognized security technology brands. We're looking for passionate, curious, and motivated individuals to join our team.
What You'll Be Doing
* Conduct vulnerability assessments using tools like Nessus, Qualys, Rapid7, and OpenVAS.
* Perform manual validation of automated scan results to eliminate false positives.
* Analyze vulnerabilities to assess exploitability and business impact.
* Create detailed reports with actionable remediation guidance.
* Evaluate vulnerabilities using CVSS scoring and business context.
* Prioritize remediation efforts based on risk exposure and asset criticality.
* Collaborate with threat intelligence teams to incorporate emerging threat data.
* Work with IT teams to develop and implement remediation strategies.
* Provide technical guidance on mitigation techniques and validate fixes.
* Maintain up-to-date vulnerability databases and track remediation progress.
* Support compliance initiatives, including PCI and regulatory audits.
* Prepare executive and technical reports on vulnerability posture.
* Maintain metrics on vulnerability discovery, remediation rates, and overall security improvements.
* Stay informed about emerging vulnerabilities and attack techniques.
* Evaluate and recommend new vulnerability assessment tools and methodologies.
* Contribute to knowledge sharing and best practices within the team.
What You'll Bring Along
* Bachelor's degree in Cybersecurity, Computer Science, IT, or related field (or equivalent experience).
* Minimum 1–3 years of experience in cybersecurity or IT security roles.
* Proficiency with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7, OpenVAS).
* Strong understanding of common vulnerabilities (e.g., OWASP Top 10, SANS Top 25).
* Knowledge of network protocols, operating systems, and application security.
* Experience with scripting languages (Python, PowerShell, Bash) for automation.
* Familiarity with CVSS scoring and risk assessment frameworks.
* Strong analytical and problem-solving abilities.
* Excellent written and verbal communication skills.
* Attention to detail and accuracy in technical analysis.
* Ability to manage multiple assessments independently.
* Direct experience working in government, military, or intelligence organizations advantageous.
* CREST Practitioner Security Analyst (CPSA), CEH, GCIH, Security+, or equivalent.
* Vendor-specific certifications (e.g., Nessus, Qualys).
* Excellent command of both spoken and written English.