Vulnerability Analyst

Role: Vulnerability Analyst

Vulnerability Management Analyst

Vulnerability Management (VM)

VAPT & EASM Managing Consultant, you'll help enhance and automate our security assessment tools, including SAST, DAST,

What will you be doing?

• Perform support activities for product and application security testing, including the assessment, configuration, and maintenance of application security assessments. Plus, triage and reporting of findings to engineering teams.
• Perform support activities for enterprise security vulnerability management and attack surface management, including the configuration, maintenance, triage, and reporting of security findings and coordination with supporting groups.
• Contribute to continuous service improvement, developing processes, work instructions, reports, methodologies, and frameworks to drive higher quality outcomes or improve efficiency through automation or AI. This should be done in the context of the developing threat landscape, including threat actors, malware, campaigns, and other factors as necessary to ensure S+N practice stays aligned to threats.
• Provide technical subject matter expertise to projects and initiatives aimed at improving the capability and maturity of the wider Smith & Nephew information security practices.
  

What will you need to be successful?

• Bachelor's degree in computer science or a related subject is preferred.
• Background in engineering, computer science, or information security.
• At least 2 years of experience in penetration testing, adversary emulation, red teaming, incident response, vulnerability management, or application testing.
• Experience with at least one programming language with knowledge of secure coding practices.
• Familiarity with vulnerability management solutions such as Tenable, Rapid7, Qualys, etc.
• Understanding of continuous integration environments and code repositories.
• Understanding of offensive security tools and frameworks, as well as knowledge in the exploitation process of vulnerabilities.
• Strong understanding of network protocols, operating systems, public cloud, web applications, and other common IT components.
• Effective report writing with clear structure and risk-prioritized actionable findings.
• Excellent written and oral communication skills, service mindset, and analytical approach to problem solving.
• Ability to work independently without daily direction, balancing conflicting priorities, and effectively tracking and managing task completion to committed deadlines.
• Familiarity with web-related technologies (Web applications, Web Services, service-oriented architectures, servers), network/web-related protocols, and cloud environments (Azure/AWS).
• Basic knowledge of software development processes, programming languages, and secure coding practices.
• Thorough understanding of the latest security principles, techniques, and protocols
  

You Unlimited.

Inclusion + Belonging:

Other reasons why you will love it here!

• Your Future: Major medical coverage + policy exclusions and insurance non-medical limit. Educational Assistance.
• Work/Life Balance: Flexible Personal/Vacation Time Off, Privilege Leave, Floater Leave.
• Your Wellbeing: Parents’/Parents-in-Law’s Insurance (Employee Contribution of 8,000/- Annually), Employee Assistance Program, Parental Leave.
• Flexibility: Hybrid Work Model (For most professional roles)
• Training: Hands-On, Team-Customized, Mentorship
• Extra Perks: Free cab transport facility for all employees; one-time meal provided to all employees as per shift. Night shift allowances.
  

You. Unlimited.