Job Description

At NTT we believe that by using innovative technology we can solve global challenges and create a world that is sustainable and secure. We are looking for curious people, from diverse backgrounds, that are keen to work in a fast-paced and agile environment.
At NTT we trust our employees to do the right thing, even when no one is watching, which is why we offer flexibility in the workplace. The majority of our roles are hybrid, meaning we encourage a balance of working from home and our local office. Ask our recruitment team if this is a hybrid role. Want to be a part of our team? Summary
The primary responsibility for the NTT Ltd Vulnerability Assessment Analyst is to identify, review, plan and supports the remediation of operating system and application vulnerabilities. Working at NTT


Key Roles and Responsibilities:

• Ensure vulnerability scans / assessments are run periodically in line with policies and standards across the Digital Office estate
• Review vulnerability assessments and security audits to identify cybersecurity risks and drives improvements necessary to mitigate those risks.
• Performs technical analysis of vulnerabilities and leads in the development of vulnerability corrective action plans
• Reviews results of vulnerability assessments and code reviews and informs management of vulnerabilities, risk and mitigation.
• Provides technical expertise to the vulnerability assessment team responsible for the testing, validating, and the security of the company’s applications, servers, and networks
• Carry out analysis to determine the root cause of events.
• Make recommendations for improvements in cyber security controls
• Develop and maintain an application scanning plan
• Support incident response activities and reporting.
• Ensure Cyber leadership is aware of current and emerging threats and vulnerabilities
• Ensure the Security Operations, DO and Cyber teams are aware of all security technology developments that may help mitigate the risk from any emerging threats and vulnerabilities
• Supports the end-to-end vulnerability process, including reporting of vulnerabilities and escalation of critical vulnerabilities

Knowledge, Skills and Attributes:

• Knowledge of various vulnerability management tools, technologies, and processes
• A technical understanding of vulnerability and malware analysis and the ability to assess risk
• Understanding of event management solutions, and automation and orchestration platforms
• Ability to communicate the evolving threats and trends and report on KPIs and KRIs to Cyber leadership
• Knowledge of how patch management takes place within organisation and how to support IT teams in ensuring systems are adequately patched
• Ability to engage with a variety of internal and external stakeholders
• Thorough knowledge of identity administration and expertise to solve complex issues
• Knowledge of how patch management takes place within organisation and how to support IT teams in ensuring systems are adequately patched
• Fluent in spoken and written English

Key Roles and Responsibilities:

• Ensure vulnerability scans / assessments are run periodically in line with policies and standards across the Digital Office estate
• Review vulnerability assessments and security audits to identify cybersecurity risks and drives improvements necessary to mitigate those risks.
• Performs technical analysis of vulnerabilities and leads in the development of vulnerability corrective action plans
• Reviews results of vulnerability assessments and code reviews and informs management of vulnerabilities, risk and mitigation.
• Provides technical expertise to the vulnerability assessment team responsible for the testing, validating, and the security of the company’s applications, servers, and networks
• Carry out analysis to determine the root cause of events.
• Make recommendations for improvements in cyber security controls
• Develop and maintain an application scanning plan
• Support incident response activities and reporting.
• Ensure Cyber leadership is aware of current and emerging threats and vulnerabilities
• Ensure the Security Operations, DO and Cyber teams are aware of all security technology developments that may help mitigate the risk from any emerging threats and vulnerabilitiesSupports the end-to-end vulnerability process, including reporting of vulnerabilities and escalation of critical vulnerabilities

Knowledge, Skills and Attributes:

• Knowledge of various vulnerability management tools, technologies, and processes
• A technical understanding of vulnerability and malware analysis and the ability to assess risk
• Understanding of event management solutions, and automation and orchestration platforms
• Ability to communicate the evolving threats and trends and report on KPIs and KRIs to Cyber leadership
• Knowledge of how patch management takes place within organisation and how to support IT teams in ensuring systems are adequately patched
• Ability to engage with a variety of internal and external stakeholders
• Thorough knowledge of identity administration and expertise to solve complex issues
• Knowledge of how patch management takes place within organisation and how to support IT teams in ensuring systems are adequately patched
• Fluent in spoken and written English

Academic Qualifications and Certifications:

• Bachelor’s degree or technical institute degree/certificate
• Relevant Security/Vulnerability tools certification
• Azure/AWS/Google Cloud certification would be an advantage

Required Experience:

• Prior experience (ideally 2+ years) in vulnerability management application security, data security and / or penetration testing is required
• Operational experience with vulnerability management toolsets
• Proven working knowledge of Enterprise Patch Management
• Proven working knowledge on Threat and Vulnerability Assessment and Managing Security Vulnerabilities
• Good knowledge of cloud computing and security issues related to cloud environments.
• Experience with tool sets like Qualys, Tanium, or similar
• Proven understanding of common vulnerability frameworks (e.g., CVSS, OWASP Top 10).
• Strong troubleshooting and debugging skills
• Demonstrable experience in a similar role within a complex, large scale (preferably multi-national) technology services environment
• Prior experience working in information security is essential
• Familiar with identity related regulatory and industry compliance requirements across geographies
• Solid experience working in an IT services environment
• Experience working in a multi-team environment across multiple geographies and time zones

What will make you a good fit for the role?

• Interpersonal skills and the ability to develop strong customer (internal / external) relationships
• Strong industry and market awareness
• Ability to negotiate / influence
• Seasoned and experienced professional
• Resolves wide range of issues in creative ways
• Fully qualified, career level, career journey-orientated
• Uses good judgement in selecting tools and methods to solve problems
• Strong professional documentation and writing skills
• Networks with senior internal and external people in own area of expertise
• Receives little instruction on day-to-day work, receives general instructions on new assignments.

Join our growing global team and accelerate your career with us. Apply today.



Equal opportunity employer NTT is proud to be an equal opportunity employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, color, sex, religion, national origin, disability, pregnancy, marital status, sexual orientation, gender reassignment, veteran status, or other protected category.