FPT Software

I10 - Vulnerability Analyst (030)

FPT Software  •  Singapore, SG (Onsite)  •  15 hours ago

Job Description

The Vulnerability Management Analyst is responsible for vulnerability scanning, validation of findings, remediation tracking, and oversight of external penetration testing vendors across applications, infrastructure, and technology platforms. This role will come under the IT Risk and Security department, reporting to the Senior Manager of Cyber Assurance.

Key Responsibilities

  • Perform vulnerability scanning, discovery, remediation tracking, SLA monitoring, and verification of vulnerability fixes.
  • Review and communicate vulnerability assessment findings to affected teams, and follow up on queries and remediation actions.
  • Manage and coordinate external vendors performing vulnerability assessments and penetration tests, including support for tooling, product issues, and related queries from internal teams.
  • Maintain and amend the VA scan scripts when necessary to reduce false positives.
  • Generate dashboards and share VA scan results, issues, and concerns with the department HOD and team manager in the weekly team meeting.
  • On a monthly basis, reconcile any agents that are not reporting and any new servers.
  • Perform compliance and hardening checks on organisation assets, including cloud, to ensure alignment with CIS or other applicable standards.
  • Prepare VA statistics and reports for the quarterly management meetings.
  • Support the compliance standards and SOP for VA scans covering the MS Azure cloud and Google Cloud tenant.
  • Perform risk assessment on vulnerability and penetration test findings, and recommend remediation or compensating controls where direct remediation is not feasible.
  • Review vendor penetration testing scope, methodology, and findings to assess technical accuracy, exploitability, business impact, and remediation priority.
  • Experience with bug bounty programs: validating severity and business impact, tracking remediation closure, managing researcher communications, and supporting scope maintenance and outcomes reporting.
  • Undertake other projects and tasks that may be assigned by management.

Qualifications / Requirements

  • Bachelor's Degree with more than 3 years of experience in cyber security or information security. Experienced in vulnerability management, vulnerability assessment, infrastructure security, or similar information security roles. Open to considering candidates with at least 2 years of relevant experience.
  • Relevant industry certifications such as CISSP, OSCP, CREST CPSA/CRT, or SANS certifications preferred.

Competencies

  • Hands-on experience with vulnerability assessment tools, specifically Tenable Vulnerability Management / Tenable One / Nessus, is a must.
  • Good understanding of vulnerability management standards, remediation SLAs, and the ability to follow up with stakeholders to drive timely closure of findings.
  • Working knowledge of vulnerability scoring and prioritisation models such as CVSS, Tenable VPR, and EPSS.
  • Experienced in conducting technical risk assessments, including assessment of preventive and detective controls.
  • Working knowledge of vulnerability management procedures, remediation tracking, and service level agreement monitoring.
  • Strong understanding of penetration testing methodologies and of Web/API, mobile, and AI/LLM application security, including the OWASP Top 10.
  • Understanding of CIS security hardening standards and baseline controls for servers, operating systems, databases, and cloud environments such as AWS and Azure.
  • Able to engage stakeholders effectively, follow up on remediation actions, and drive closure of vulnerabilities within required timelines.

About FPT Software

FPT Software, a subsidiary of FPT Corporation, is a global technology and IT services provider headquartered in Vietnam, with USD 1.22 billion in revenue (2024) and over 33,000 employees in 30 countries.

Embracing an AI-first approach, FPT Software enables breakthrough speed, scalability and quality through AI-powered services and solutions and an AI-augmented workforce. It has partnered with over 1,100 clients worldwide, more than 130 of which are Fortune Global 500 companies in Aviation, Automotive, Banking, Financial Services and Insurance, Healthcare, Logistics, Manufacturing, Utilities, and more.

For more information, please visit https://fptsoftware.com/.

Industry: IT & Software
Company Size: 10,000+ employees
Headquarters: Hanoi, VN
Year Founded: Unknown