Search by job, company or skills

NMS Consultant

VOC Analyst - (Vulnerability Assessment & Attack Surface Management)

NMS Consultant
Mumbai, India
6-8 Years
new job description bg glownew job description bg glownew job description bg svg
  • Posted a month ago
  • Be among the first 10 applicants
Early Applicant

Job Description

Job description:-

Key Responsibilities:-

Vulnerability Intelligence (VI)

  • Monitor newly disclosed vulnerabilities (CVEs) and assess criticality and exploitability.
  • Publish timely and contextualized vulnerability assessments for software within environment.
  • Maintain a vulnerability knowledge base enriched with CVSS, EPSS, QDS, and other key metrics.
  • Maintain and regularly update the internal software inventory in scope for vulnerability assessment.

Attack Surface Management (ASM)

  • Continuously monitor external assets using ASM tools to detect exposures and misconfigurations.
  • Maintain and update the ASM tool scope by onboarding known domains and IP ranges.
  • Validate findings, eliminate false positives, and escalate high-risk issues to Blue Team for remediation.
  • Identify and track exposure trends and new threats targeting
  • external perimeter.

BlackBox Penetration Testing

  • Coordinate and manage the execution of BlackBox penetration tests for applications and infrastructure.
  • Collaborate with application managers for onboarding into the pentesting program.
  • Support tool maintenance, contract follow-ups, and findings remediation.

Vulnerability Management

  • Analyze and correlate vulnerability data from scanning tools.
  • Conduct vulnerability validation, false positive removal, and severity reclassification.
  • Provide actionable guidance to Security Officers (SOs) and CISOs for risk mitigation.
  • Summarize vulnerability data into concise reports for different stakeholders.

Scripting & Automation

  • Automate data extraction from VI and ASM tools into the DataLake.
  • Build automation workflows for vulnerability detection, classification, and reporting.
  • Collaborate with both offensive (Red Team) and defensive (Blue Team) units to improve testing coverage and threat visibility.

Required Qualifications & Experience

Education

  • Bachelors degree in Computer Science, Information Security, Electronics & Telecommunication (EXTC), or a related field.
  • Relevant certifications are a plus: CISSP, CCSP, CompTIA Security+, OSCP, CEH.

Experience

  • Minimum 6 years of experience in Cybersecurity, with hands-on experience in:
  • Vulnerability Intelligence and Management
  • Attack Surface Monitoring
  • Penetration Testing (Web, Network, Infrastructure)
  • Security tool usage and customization

Technical Skills

  • Familiarity with industry standards and tools:
  • VI & ASM tools (e.g., Shodan, Censys, RiskIQ, etc.)
  • Pentesting tools: Burp Suite, SQLmap, Metasploit, Kali Linux
  • CVE analysis platforms (e.g., NIST NVD, EPSS)
  • Strong scripting skills in Python, PowerShell, Bash, or C# for automation
  • Solid understanding of:
  • OWASP Top 10
  • CVSS, EPSS scoring systems
  • Microsoft Security Bulletins
  • Experience with scanning tools and vulnerability management platforms

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cybersecurity
Employment Type:
Full time

About Company

NMS Consultant

Job ID: 131569185

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 06-12-2025 07:49:41 PM
Homejobs in MumbaiVOC Analyst - (Vulnerability Assessment & Attack Surface Management)