Vulnerability Assessment Analyst

India, Bangalore · Job Posted February 28, 2026

Job Description

The Vulnerability Assessment Specialist is a seasoned subject matter expert responsible for conducting advanced vulnerability assessments, identifying vulnerabilities, and providing expert recommendations to mitigate security risks, ensuring the security and integrity of the organization's systems and infrastructure. The role requires collaboration with cross-functional teams: the specialist leads and performs vulnerability assessments, analyzes findings, recommends mitigations for security risks, and contributes to the improvement of vulnerability management practices.

Job Responsibility

  • Conducts vulnerability assessments using automated scanning tools and manual techniques to identify security vulnerabilities in systems, networks, applications, and infrastructure components
  • Analyzes scan results and prioritizes vulnerabilities based on severity, impact, and exploitability
  • Assesses the potential risks associated with identified vulnerabilities
  • Analyzes the business impact, likelihood of exploitation, and potential attack vectors to prioritize remediation efforts based on risk severity
  • Provides detailed remediation recommendations to system owners, administrators, and IT teams
  • Collaborates to develop practical mitigation strategies, configuration changes, and patch management processes to address identified vulnerabilities
  • Utilizes vulnerability scanning tools such as Nessus, OpenVAS, Qualys, or similar tools to conduct scans, configure scan policies, and fine-tune scan parameters for accurate and comprehensive assessments
  • Prepares vulnerability assessment reports, documenting assessment findings, risk analysis, and recommended actions
  • Communicates assessment results to stakeholders, including technical and non-technical audiences, in a clear and concise manner
  • Collaborates with cross-functional teams, including IT operations, development teams, and security stakeholders, to ensure effective communication, coordination, and alignment on vulnerability management efforts. Communicates technical concepts and recommendations to non-technical stakeholders
  • Participates in security awareness programs and provides training to end-users and stakeholders on vulnerability management best practices, secure coding, and security hygiene
  • Promotes a culture of security awareness within the organization
  • Collaborates with incident response teams to identify and address vulnerabilities associated with security incidents
  • Provides support during incident response efforts and contributes to post-incident analysis and remediation
  • Stays updated with the latest security trends, emerging vulnerabilities, and industry best practices
  • Contributes to the enhancement of vulnerability assessment processes, methodologies, and tools
  • Shares knowledge and provides guidance to improve vulnerability management practices
  • Performs any other related task as required

Requirements

  • Bachelor's degree or equivalent in Computer Science, Information Security, or a related field
  • Relevant certifications such as Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), or GIAC Certified Vulnerability Assessor (GCVA) are beneficial
  • Seasoned demonstrated experience in information security or related roles, with a focus on conducting vulnerability assessments and providing remediation recommendations
  • Seasoned demonstrated experience in conducting advanced vulnerability assessments, including application security assessments, penetration testing, or code review
  • Seasoned understanding of vulnerability assessment methodologies, tools, and industry best practices
  • Seasoned understanding of networking concepts, operating systems, and common software vulnerabilities
  • Solid proficiency in using vulnerability assessment tools such as Nessus, OpenVAS, Qualys, or similar tools
  • Seasoned knowledge of risk analysis principles and the ability to assess the business impact of vulnerabilities
  • Solid knowledge of vulnerability management frameworks, such as CVE, CVSS, and common vulnerability databases
  • Strong analytical and problem-solving skills to analyze scan results, prioritize vulnerabilities, and recommend effective remediation actions
  • Excellent written and verbal communication skills to prepare vulnerability assessment reports and effectively communicate technical information to diverse stakeholders
  • Excellent collaboration and teamwork skills to work effectively with cross-functional teams and stakeholders
  • Seasoned familiarity with security frameworks, standards, and regulatory compliance requirements

Similar Jobs for Vulnerability Assessment Analyst

8 matching positions

Vulnerability Analyst

We are seeking a Vulnerability Analyst to support a new solution initiative focu...
Location: United States
Salary: Not provided
Company: Tier4 Group
Expiration Date: Until further notice
Requirements
  • Bachelor's degree in Computer Science, Information Systems, Business, or a related field (or equivalent experience)
  • Minimum of 2 years of relevant experience in business analysis, project management, or a related role
  • Strong analytical skills with the ability to work with large datasets
  • Proficiency in Microsoft Office (Word, Excel, PowerPoint)
  • Technical aptitude to assess and validate data accuracy
  • High attention to detail and strong organizational skills
Job Responsibility
  • Support vulnerability management solutions and infrastructure-related initiatives
  • Review and validate high-volume data to ensure accuracy and consistency
  • Work with databases to maintain and improve data quality and reliability
  • Assist in refining vulnerability reporting files and outputs
  • Identify gaps, inconsistencies, and opportunities for process improvement
  • Collaborate with cross-functional teams while maintaining the ability to work independently
  • Coordinate and facilitate meetings with stakeholders as needed

System Vulnerability Analyst

We are searching for a System Vulnerability Analyst to support a watch desk in c...
Location: United States, Central Maryland
Salary: 187000.00 - 241000.00 USD / Year
Company: RealmOne
Expiration Date: Until further notice
Requirements
  • Experience with computer or information systems design/development, programming, information/cyber/network security, vulnerability analysis, penetration testing, computer forensics, information assurance, and/or systems engineering
  • Doctoral degree with 7 years of relevant experience
  • Master's degree with 9 years of relevant experience
  • Bachelor's Degree with 11 years of relevant experience
  • Associates degree with 13 years of relevant experience
  • Degree must be in Computer Science or a related field
  • Completion of military training in a relevant area such as JCAC, UCT, NWBC/INWT, Cyber Defense Operations
  • Information Assurance Certification may be required
  • Active Security Clearance with appropriate Polygraph
Job Responsibility
  • Conduct vulnerability assessments
  • Collaborate with mission partners
  • Respond to requests for information
  • Work a 10AM to 6PM schedule
What we offer
  • Healthcare Coverage + Insurance: Medical (three options through CareFirst with 100% or majority company-paid premiums)
  • Dental + Vision (100% employer-paid for employees and family)
  • Tax-advantaged health savings account with generous employer contribution
  • Retirement + Savings: 401K – 10% total contribution (5% safe harbor + 5% annual profit share)
  • Paid Time Off: 4 weeks starting PTO
  • 11 federal holidays + 2 floating holidays
  • Paid hours for company-required training
  • Career Growth + Development: Free 24/7 learning via Udemy
  • $7,500 annual Educational & Professional Development Assistance
  • Paid parental leave
  • Fulltime

Vulnerability Analyst

The Vulnerability Analyst role at NTT DATA involves conducting vulnerability ass...
Location: Romania
Salary: Not provided
Company: NTT DATA
Expiration Date: Until further notice
Requirements
  • Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field (or equivalent experience)
  • Minimum 1–3 years of experience in cybersecurity or IT security roles
  • Proficiency with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7, OpenVAS)
  • Strong understanding of common vulnerabilities (e.g., OWASP Top 10, SANS Top 25)
  • Knowledge of network protocols, operating systems, and application security
  • Experience with scripting languages (Python, PowerShell, Bash) for automation
  • Familiarity with CVSS scoring and risk assessment frameworks
  • Strong analytical and problem-solving abilities
  • Excellent written and verbal communication skills
  • Attention to detail and accuracy in technical analysis
Job Responsibility
  • Conduct vulnerability assessments using tools like Nessus, Qualys, Rapid7, and OpenVAS
  • Perform manual validation of automated scan results to eliminate false positives
  • Analyze vulnerabilities to assess exploitability and business impact
  • Create detailed reports with actionable remediation guidance
  • Evaluate vulnerabilities using CVSS scoring and business context
  • Prioritize remediation efforts based on risk exposure and asset criticality
  • Collaborate with threat intelligence teams to incorporate emerging threat data
  • Work with IT teams to develop and implement remediation strategies
  • Provide technical guidance on mitigation techniques and validate fixes
  • Maintain up-to-date vulnerability databases and track remediation progress
What we offer
  • Smooth integration and a supportive mentor
  • Choose from Remote, Hybrid or Office work opportunities
  • Projects have different working hours to suit your needs
  • Sponsored certifications, trainings and top e-learning platforms
  • Private Health Insurance
  • Individual coaching sessions or accredited Coaching School
  • Epic parties or themed events

Lessons Learned Assessment Analyst Subject Matter Expert

This position, located at Eielson AFB, Alaska, provides technical expertise to g...
Location: United States, Fairbanks
Salary: 95000.00 - 115000.00 USD / Year
Company: Amentum
Expiration Date: Until further notice
Requirements
  • A Bachelor’s degree from an accredited college or university
  • Air Force Specialty Code (AFSC) 11F, Fighter Pilot equivalent technical expertise to gather, develop, analyze, promulgate, and apply Lessons Learned associated with MFEs
  • Strong interpersonal skills and demonstrated ability to work across diverse groups of people and at all levels of an organization
  • Comprehensive knowledge of exercise design and conversant in Joint Fires, Air and Ground tactics, capabilities and equipment
  • Experience working with constructive simulation and LVC-IA systems
  • Experience planning/executing large Joint/Combined exercises
  • Experience in planning/executing large exercises
  • US Citizen
  • Top Secret Clearance or ability to obtain is required
  • Applicants must have a valid state driver’s license
Job Responsibility
  • Serves as Subject Matter Expert for the capture, consolidation and integration of lessons learned into exercise planning and scenario development
  • Attend and participate in exercise planning conferences, providing past lessons learned/assessments as required, and aiding exercise participants in formulating training objectives and mission essential task lists (METLs) to meet exercise-related JT and then compile the listings of METLs, objectives, JTs, and schedules
  • Perform technical data analysis, provide verbal and written feedback, and publish interim reports regarding exercise participant’s ability to achieve unit objectives, METLs, and JTs on a daily basis during exercise periods
  • Produce daily feedback reports and post as required in the operations area and mission planning cell after each vulnerability period
  • Monitor, collect, analyze, and archive all data required throughout the exercise
  • Develop, distribute, manage, and collect post-exercise event participant critiques
  • Recommend questions/topics based on historical problem areas and/or areas of historically high interest
  • Compile, analyze, and summarize critique inputs, and then provide products with recommendations for corrective actions to 353 CTS
  • Aid exercise execution personnel in publishing a comprehensive After Action Report, including all lessons learned and/or technical insight into why or why not objectives, METLs, and/or JTs were met or not met
  • Enter after action reports and significant findings into the Air Force Joint Lessons Learned Information System
What we offer
  • Health, dental, and vision insurance
  • Paid time off and holidays
  • Retirement benefits (including 401(k) matching)
  • Educational reimbursement
  • Parental leave
  • Employee stock purchase plan
  • Tax-saving options
  • Disability and life insurance
  • Pet insurance
  • Fulltime

Cloud Assessment Analyst III

The Cloud Assessment Analyst III supports DoD and FedRAMP cybersecurity oversigh...
Location: United States, Ft. Meade
Salary: 96000.00 - 110000.00 USD / Year
Company: Chickasaw Nation Industries, Inc (CNI)
Expiration Date: Until further notice
Requirements
  • The ability to obtain, maintain and access classified information at the TS/SCI level
  • DoD 8570 IAM/IAT Level II certification
  • Strong knowledge and hands-on experience with FedRAMP, NIST SP 800-53, DoD RMF, and related cybersecurity frameworks
  • Proven experience working with Cloud Service Providers (CSPs) in a government or regulated environment
  • Expertise in evaluating security control implementations, conducting Annual Assessments, reviewing POA&Ms, deviation requests, and other artifacts related to risk posture
  • Demonstrated experience using eMASS, and familiarity with other GRC tools used by DoD or federal agencies
  • Solid understanding of vulnerability scanning tools, SIEM platforms, and security monitoring tools
  • Strong analytical skills with the ability to interpret technical data and identify risks and mitigation strategies
  • Excellent verbal and written communication skills to produce technical reports, risk summaries, and briefings for stakeholders including Authorizing Officials (AOs)
  • Experience developing or maintaining Continuous Monitoring (ConMon) plans, reports, and dashboards
Job Responsibility
  • Conducts thorough reviews and analyses of Deviation Requests including validations or justifications for security findings
  • Evaluates and develops Monthly One Pagers that summarize the cybersecurity posture of Cloud Service Offerings (CSOs)
  • Performs Annual Assessments to validate the implementation of mandatory security controls across the CSO baseline and assess one-third of the remaining controls annually
  • Prepares and reviews weekly Playbooks to report on the Continuous Monitoring (ConMon) status of designated CSOs
  • Reviews and assesses Security Change Requests (SCRs) that propose new requirements or capabilities for CSOs
  • Analyzes scan data, Plans of Action and Milestones (POA&Ms), and other change artifacts to assess ongoing risk posture changes of Cloud Service Providers (CSPs)
  • Ensures the DoD and FedRAMP monitoring programs enable effective oversight of CSPs by providing risk-based data to inform Authorizing Officials (AOs)
  • Performs ongoing assessments and validations to confirm that security controls are implemented and compliant with DoD and FedRAMP standards
  • Ensures effective operation of system safeguards and controls through a proactive, risk-based monitoring approach
  • Maintains continuous visibility into CSP applications and devices to support data-driven decision-making and adherence to authorized risk thresholds
What we offer
  • Medical
  • Dental
  • Vision
  • Company Life Insurance
  • Short-Term and Long-Term Disability Insurance
  • 401(K) Immediate Vesting
  • Professional Development Assistance
  • Legal Aid Assistance Program
  • Family Planning / Fertility Assistance
  • Personal Time Off
  • Fulltime

Security Vulnerability Analyst

Stride is seeking a Security Vulnerability Analyst professional to drive the tec...
Location: United States
Salary: 53944.50 - 100000.00 USD / Year
Company: Stride, Inc.
Expiration Date: Until further notice
Requirements
  • Three (3) years of experience in security operations or vulnerability management
  • Hands-on experience with Tenable, Qualys, or similar vulnerability platforms in cloud-native environments
  • Deep knowledge of cloud security principles, particularly around AWS and Azure services
  • Familiarity with regulatory frameworks (NIST CSF, SOX, FRAPRA)
  • Strong interpersonal and communication skills, with experience leading cross-functional remediation efforts
  • Ability to present risk findings to both technical and executive stakeholders
  • Ability to clear required background check
Job Responsibility
  • Lead/Assist vulnerability management operations across all cloud (AWS/Azure) and SaaS environments
  • Own the configuration, tuning, and operational use of vulnerability management tooling (Tenable One or equivalent)
  • Prioritize vulnerabilities using threat-based models (EPSS, CVSS, CISA KEVs), working closely with the SOC and threat intel teams
  • Serve as the primary liaison to Engineering, Infrastructure, and AppSec teams to coordinate remediation plans and validate fixes
  • Track and report remediation SLAs, exceptions, and risk acceptance items
  • Provide vulnerability metrics and trends for leadership, compliance, and audit purposes (SOX, FRAPRA)
  • Participate in incident response activities related to active exploitation or critical vulnerabilities
  • Develop SOPs, playbooks, and dashboards for vulnerability tracking and reporting
  • Document all vulnerability management policies, procedures, and standards and keep them up to date
  • Correlate vulnerability findings with threat intelligence feeds to assess real-world risk
What we offer
  • health benefits
  • retirement contributions
  • paid time off
  • bonus (eligible employees)
  • Fulltime

Cloud Assessment Analyst III

The Cloud Assessment Analyst III supports DoD and FedRAMP cybersecurity oversigh...
Location: United States, Ft. Meade
Salary: 96000.00 - 110000.00 USD / Year
Company: Chickasaw Nation Industries, Inc (CNI)
Expiration Date: Until further notice
Requirements
  • Have an active DoD Top Secret clearance with SCI eligibility
  • DoD 8570 IAM/IA Technical (IAT) Level III certification
  • Strong knowledge and hands-on experience with FedRAMP, NIST SP 800-53, DoD RMF, and related cybersecurity frameworks
  • Proven experience working with Cloud Service Providers (CSPs) in a government or regulated environment
  • Expertise in evaluating security control implementations, conducting Annual Assessments, reviewing POA&Ms, deviation requests, and other artifacts related to risk posture
  • Demonstrated experience using eMASS, and familiarity with other GRC tools used by DoD or federal agencies
  • Solid understanding of vulnerability scanning tools, SIEM platforms, and security monitoring tools
  • Strong analytical skills with the ability to interpret technical data and identify risks and mitigation strategies
  • Excellent verbal and written communication skills to produce technical reports, risk summaries, and briefings for stakeholders including Authorizing Officials (AOs)
  • Experience developing or maintaining Continuous Monitoring (ConMon) plans, reports, and dashboards
Job Responsibility
  • Conducts thorough reviews and analyses of Deviation Requests including validations or justifications for security findings
  • Evaluates and develops Monthly One Pagers that summarize the cybersecurity posture of Cloud Service Offerings (CSOs)
  • Performs Annual Assessments to validate the implementation of mandatory security controls across the CSO baseline and assess one-third of the remaining controls annually
  • Prepares and reviews weekly Playbooks to report on the Continuous Monitoring (ConMon) status of designated CSOs
  • Reviews and assesses Security Change Requests (SCRs) that propose new requirements or capabilities for CSOs
  • Analyzes scan data, Plans of Action and Milestones (POA&Ms), and other change artifacts to assess ongoing risk posture changes of Cloud Service Providers (CSPs)
  • Ensures the DoD and FedRAMP monitoring programs enable effective oversight of CSPs by providing risk-based data to inform Authorizing Officials (AOs)
  • Performs ongoing assessments and validations to confirm that security controls are implemented and compliant with DoD and FedRAMP standards
  • Ensures effective operation of system safeguards and controls through a proactive, risk-based monitoring approach
  • Maintains continuous visibility into CSP applications and devices to support data-driven decision-making and adherence to authorized risk thresholds
What we offer
  • Medical
  • Dental
  • Vision
  • 401(k)
  • Family Planning/Fertility Assistance
  • STD/LTD/Basic Life/AD&D
  • Legal-Aid Program
  • Employee Assistance Program (EAP)
  • Paid Time Off (PTO) – (11) Federal Holidays
  • Training and Development Opportunities
  • Fulltime

Cloud Assessment Analyst III

The Cloud Assessment Analyst III supports DoD and FedRAMP cybersecurity oversigh...
Location: United States, Ft. Meade
Salary: 96000.00 - 110000.00 USD / Year
Company: Chickasaw Nation Industries, Inc (CNI)
Expiration Date: Until further notice
Requirements
  • Have an active DoD Top Secret clearance with SCI eligibility
  • DoD 8570 IAM/IA Technical (IAT) Level III certification
  • Strong knowledge and hands-on experience with FedRAMP, NIST SP 800-53, DoD RMF, and related cybersecurity frameworks
  • Proven experience working with Cloud Service Providers (CSPs) in a government or regulated environment
  • Expertise in evaluating security control implementations, conducting Annual Assessments, reviewing POA&Ms, deviation requests, and other artifacts related to risk posture
  • Demonstrated experience using eMASS, and familiarity with other GRC tools used by DoD or federal agencies
  • Solid understanding of vulnerability scanning tools, SIEM platforms, and security monitoring tools
  • Strong analytical skills with the ability to interpret technical data and identify risks and mitigation strategies
  • Excellent verbal and written communication skills to produce technical reports, risk summaries, and briefings for stakeholders including Authorizing Officials (AOs)
  • Experience developing or maintaining Continuous Monitoring (ConMon) plans, reports, and dashboards
Job Responsibility
  • Conducts thorough reviews and analyses of Deviation Requests including validations or justifications for security findings
  • Evaluates and develops Monthly One Pagers that summarize the cybersecurity posture of Cloud Service Offerings (CSOs)
  • Performs Annual Assessments to validate the implementation of mandatory security controls across the CSO baseline and assess one-third of the remaining controls annually
  • Prepares and reviews weekly Playbooks to report on the Continuous Monitoring (ConMon) status of designated CSOs
  • Reviews and assesses Security Change Requests (SCRs) that propose new requirements or capabilities for CSOs
  • Analyzes scan data, Plans of Action and Milestones (POA&Ms), and other change artifacts to assess ongoing risk posture changes of Cloud Service Providers (CSPs)
  • Ensures the DoD and FedRAMP monitoring programs enable effective oversight of CSPs by providing risk-based data to inform Authorizing Officials (AOs)
  • Performs ongoing assessments and validations to confirm that security controls are implemented and compliant with DoD and FedRAMP standards
  • Ensures effective operation of system safeguards and controls through a proactive, risk-based monitoring approach
  • Maintains continuous visibility into CSP applications and devices to support data-driven decision-making and adherence to authorized risk thresholds
What we offer
  • Medical
  • Dental
  • Vision
  • 401(k)
  • Family Planning/Fertility Assistance
  • STD/LTD/Basic Life/AD&D
  • Legal-Aid Program
  • Employee Assistance Program (EAP)
  • Paid Time Off (PTO) – (11) Federal Holidays
  • Training and Development Opportunities
  • Fulltime