Senior Vulnerability Analyst
NTT DATA Romania
full-time
Posted on:
Location Type: Remote
Location: Romania
Visit company websiteExplore more
Job Level
Tech Stack
About the role
- Conduct vulnerability assessments using tools like Nessus, Qualys, Rapid7, and OpenVAS
- Perform manual validation of automated scan results to eliminate false positives
- Analyze vulnerabilities to assess exploitability and business impact
- Create detailed reports with actionable remediation guidance
- Evaluate vulnerabilities using CVSS scoring and business context
- Prioritize remediation efforts based on risk exposure and asset criticality
- Collaborate with threat intelligence teams to incorporate emerging threat data
- Work with IT teams to develop and implement remediation strategies
- Provide technical guidance on mitigation techniques and validate fixes
- Maintain up-to-date vulnerability databases and track remediation progress
- Support compliance initiatives, including PCI and regulatory audits
- Prepare executive and technical reports on vulnerability posture
- Maintain metrics on vulnerability discovery, remediation rates, and overall security improvements
- Stay informed about emerging vulnerabilities and attack techniques
- Evaluate and recommend new vulnerability assessment tools and methodologies
- Contribute to knowledge sharing and best practices within the team
Requirements
- Bachelor’s degree in Cybersecurity, Computer Science, IT, or related field (or equivalent experience)
- Minimum 3–5 years of experience in cybersecurity or IT security roles
- Proficiency with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7, OpenVAS)
- Strong understanding of common vulnerabilities (e.g., OWASP Top 10, SANS Top 25)
- Knowledge of network protocols, operating systems, and application security
- Experience with scripting languages (Python, PowerShell, Bash) for automation
- Familiarity with CVSS scoring and risk assessment frameworks
- Strong analytical and problem-solving abilities
- Excellent written and verbal communication skills
- Attention to detail and accuracy in technical analysis
- Ability to manage multiple assessments independently
- Direct experience working in government, military, or intelligence organizations advantageous
- CREST Practitioner Security Analyst (CPSA), CEH, GCIH, Security+, or equivalent
- Vendor-specific certifications (e.g., Nessus, Qualys)
- Excellent command of both spoken and written English.
Benefits
- New beginnings can be a challenge. We promise a smooth integration and a supportive mentor
- Pick your working style: choose from Remote, Hybrid or Office work opportunities
- Early bird or night owl? Our projects have different working hours to suit your needs
- Nobody is born an expert. Sharpen your tech skills with our sponsored certifications, trainings and top e-learning platforms
- We want you to stay healthy! Enjoy our Private Health Insurance – it’s custom-made for you
- A clear mind is a healthy mind. Attend individual coaching sessions or go one step further by joining our accredited Coaching School
- Make the most of our epic parties or themed events – they’re lovingly designed for our people and their families
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
vulnerability assessmentsvulnerability scanning toolsscripting languagesCVSS scoringrisk assessment frameworksnetwork protocolsoperating systemsapplication securitymanual validationremediation strategies
Soft skills
analytical abilitiesproblem-solvingwritten communicationverbal communicationattention to detailaccuracyindependent managementcollaborationknowledge sharingreporting
Certifications
Bachelor’s degree in CybersecurityBachelor’s degree in Computer ScienceBachelor’s degree in ITCREST Practitioner Security Analyst (CPSA)Certified Ethical Hacker (CEH)GIAC Certified Incident Handler (GCIH)Security+vendor-specific certifications for Nessusvendor-specific certifications for Qualys