Talent.com
No longer accepting applications
VOC Analyst - (Vulnerability Assessment & Attack Surface Management)

VOC Analyst - (Vulnerability Assessment & Attack Surface Management)

NMS Consultantraipur, India
1 day ago
Job description

Job description : -

Key Responsibilities : -

Vulnerability Intelligence (VI)

  • Monitor newly disclosed vulnerabilities (CVEs) and assess criticality and exploitability.
  • Publish timely and contextualized vulnerability assessments for software within environment.
  • Maintain a vulnerability knowledge base enriched with CVSS, EPSS, QDS, and other key metrics.
  • Maintain and regularly update the internal software inventory in scope for vulnerability assessment.

Attack Surface Management (ASM)

  • Continuously monitor external assets using ASM tools to detect exposures and misconfigurations.
  • Maintain and update the ASM tool scope by onboarding known domains and IP ranges.
  • Validate findings, eliminate false positives, and escalate high-risk issues to Blue Team for remediation.
  • Identify and track exposure trends and new threats targeting
  • external perimeter.

    • BlackBox Penetration Testing

  • Coordinate and manage the execution of BlackBox penetration tests for applications and infrastructure.
  • Collaborate with application managers for onboarding into the pentesting program.
  • Support tool maintenance, contract follow-ups, and findings remediation.

    • Vulnerability Management

  • Analyze and correlate vulnerability data from scanning tools.
  • Conduct vulnerability validation, false positive removal, and severity reclassification.
  • Provide actionable guidance to Security Officers (SOs) and CISOs for risk mitigation.
  • Summarize vulnerability data into concise reports for different stakeholders.

    • Scripting & Automation

  • Automate data extraction from VI and ASM tools into the DataLake.
  • Build automation workflows for vulnerability detection, classification, and reporting.
  • Collaborate with both offensive (Red Team) and defensive (Blue Team) units to improve testing coverage and threat visibility.

    • Required Qualifications & Experience

    Education

  • Bachelors degree in Computer Science, Information Security, Electronics & Telecommunication (EXTC), or a related field.
  • Relevant certifications are a plus : CISSP, CCSP, CompTIA Security+, OSCP, CEH .

    • Experience

  • Minimum 6 years of experience in Cybersecurity, with hands-on experience in :
  • Vulnerability Intelligence and Management
  • Attack Surface Monitoring
  • Penetration Testing (Web, Network, Infrastructure)
  • Security tool usage and customization

    • Technical Skills

  • Familiarity with industry standards and tools :
  • VI & ASM tools (e.g., Shodan, Censys, RiskIQ, etc.)
  • Pentesting tools : Burp Suite, SQLmap, Metasploit, Kali Linux
  • CVE analysis platforms (e.g., NIST NVD, EPSS)
  • Strong scripting skills in Python, PowerShell, Bash, or C# for automation
  • Solid understanding of :
  • OWASP Top 10
  • CVSS, EPSS scoring systems
  • Microsoft Security Bulletins
  • Experience with scanning tools and vulnerability management platforms
    • Create a job alert for this search

    Vulnerability Analyst • raipur, India