Experience Inc. Jobs

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

NTT is seeking a Consultant to join their Threat Services team. The Threat Services team is responsible for performing offensive security assessments and related services. The role requires candidates with strong communication skills, a deep understanding of cyber threats, vulnerabilities, and a passion for staying updated with the latest trends in cybersecurity.

This position is responsible for performing cross-domain security assessments by simulating a threat actor in various attack scenarios to identify and exploit vulnerabilities in application security (e.g., web applications, API, mobile applications) and network security (e.g., internal and/or external penetration, wireless) in cloud-based, on-premises, and hybrid environments.

Upon completion of assessments, consultants produce and deliver high-quality reports containing analysis of security findings, detailed evidence, and recommended actions. Out brief calls to present reports, answer questions, explain chained exploits, and provide high-level guidance are common. The Security Consultant is seen as a trusted advisor through the delivery of judgement free, objective testing and thorough detailed reporting. The consultant guides clients toward solutions to improve their security posture and enhance their risk-management programs.

The ideal candidate has strong problem-solving and analytical skills, broad and deep technical skills, meets the objectives of engagements, collaborates with clients, supports teammates, and provides subject matter expertise across technical domains. While we strive to provide services in a fully remote capacity, travel to client sites may be required on occasion to conduct assessments on sensitive applications or in closed environments.

What you'll be doing

Duties and Responsibilities

• Engage with internal and external clients to perform application security assessments (e.g, web, API, mobile) and/or network penetration assessments (e.g., internal/external penetration, wireless) using open source, commercial, or in-house developed exploitation tools.

• Craft comprehensive reports containing detailed supporting evidence, recommended actions, and references where appropriate, explaining complex technical concepts and terminology that is understandable for both technical and non-technical audiences.

• Participate in client conference calls for project kick-off, critical risk escalation, report delivery, and others as appropriate.

• Continuous education to improve skillset as well as keep up to date on the latest vulnerabilities, emerging threats, and cybersecurity trends.

• Develop and maintain positive relationships with clients and understand their vertical markets, business needs and challenges.

Qualifications

• 2+ years of industry experience in web application, API, and network penetration testing with the ability to be the technical lead on assessments.

• In-depth experience with open source and commercial security tools for discovery, enumeration, and exploitation such as Kali Linux, Metasploit, Cobalt Strike, Burp Suite Professional, Nessus, Nmap, Impacket, etc.

• Extensive operating systems and network protocol knowledge: Microsoft Windows, Active Directory, Linux, MacOS, TCP/UDP, IEEE 802.11.

• Proficiency with cloud technology and deployments: AWS/Azure/Google Cloud Platform.

• Experience with scripting/programming languages (Python, PHP, PowerShell, Ruby, Bash, etc.) as well as a working knowledge of SQL.

• Strong communication skills, both written and verbal, with the ability to convey complex security issues to both technical and non-technical stakeholders.

• Self-motivated, with the ability to work independently and as part of a team.

Bonuses

• Contributions to the security community such as developing or maintaining security tools, exploits, publishing CVEs, vulnerability disclosure recognitions, blogs, conference presentations.

• Industry-specific certifications (OSCP, OSEP, OSEE, OSED, OSWE, GPEN, GXPN, GWAPT, GCPN, etc.).

• Experience with assumed breach assessments.

• Social Engineering experience (phishing, vishing, smishing).

• Proficiency in assessment of applications on mobile operating systems (iOS, Android).

• Familiarity with common IT security compliance and governance regulations, guidance, and frameworks such as PCI, SOX, FISMA, FedRAMP, etc.

• Previous systems/network administration or security engineering.

• Prior experience with DevOps/DevSecOps or software development/engineering.

• Experience with compiled languages (Golang, Java, C, C++, Assembly).

• Experience with container technologies (Docker, Kubernetes, Helm).

• Knowledge of ICS/OT/SCADA systems.

• Testing or development of embedded systems and/or IoT devices.

Workplace type :

Remote Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.