Vulnerability Management Analyst

NCS is a leading technology services firm with presence in Asia Pacific and partners with governments and enterprises to advance communities through technology. Combining the experience and expertise of its 10,000-strong team across 49 specialisations, NCS provides differentiated and end-to-end technology services to clients with its NEXT capabilities of digital, cloud, platforms as well as core offerings in application, infrastructure, engineering and cyber security. NCS also believes in building a strong partner eco-system with leading technology players, research institutions and start-ups to support open innovation and co-creation. For more information, visit ncs.co.

We are committed to a safe and healthy environment for our employees & customers and will require all prospective employees to be fully vaccinated.

As Vulnerability Management Analyst, the broad area of your job responsibilities will cover the following:

• Perform core cyber-security operation functions such as security monitoring, vulnerability management and attack surface management
• Monitor and perform deeper analysis, trending, and root cause analysis of security events from SIEM, whilst creating process and procedures where none are already established
• Perform Attack Surface assessments using a combination of threat modelling, vulnerability research, code scanning, control efficiency testing and recommendation of proper remediation actions
• Support a continuous vulnerability scanning and reporting program encompassing a vast network of internal and public-facing IT assets across multiple platforms and architectures
• Experience in discovery of vulnerabilities, prioritization of data and vulnerabilities, remediation of vulnerabilities, and verification through risk-based analysis of findings
• Able to provide after-hours support on an on-demand basis

Ideal candidate should possess the following:

• Degree/Diploma in Computer Science, Infocomms Security or related discipline
• Security certification is preferred, such as GIAC Certified Incident Handler (GCIH), Tenable Specialist or Nessus Fundamentals
• At least 3 years of experience in cyber security operations 
• Strong knowledge of various automated security control systems, vulnerability assessment, threat intelligence intrusion detection, penetration testing and incident response
• Experience in responding to security events, including front-line analysis and escalation, on hacktivist, cybercrime, and APT activity
• Strong analytical, problem solving, communications and interpersonal skills
• Ability to work independently and with minimal supervision on assignments