Threat Operations Analyst

Website Virtusa

Location: Colombo, Western Province, Sri Lanka

Role Overview

As a Threat Operations Analyst, you will be at the forefront of identifying and mitigating digital risks. You will validate vulnerabilities, attribute internet-facing assets, and provide actionable security advisories to help our customers stay secure.

Key Responsibilities

Threat & Vulnerability Analysis

  • Analyze risks and vulnerabilities identified through internal pipelines and proactive detection systems.

  • Validate exposed services (e.g., RDP, SSH, databases) using specialized tools like Shodan, Censys, LeakIX, and Nuclei.

  • Assess existing security configurations to determine the effectiveness of mitigating or compensating controls.

Asset Verification & Attribution

  • Authenticate ownership of internet-facing assets using DNS/Reverse-DNS, WHOIS, TLS fingerprinting, and advanced OSINT techniques.

  • Resolve attribution discrepancies to ensure high-confidence customer notifications.

Advisory & Customer Engagement

  • Draft clear, concise security alerts that detail the issue, affected assets, and specific remediation steps.

  • Engage directly with customers and brokers to explain findings, clarify risks, and prioritize security improvements.

Cross-Functional Collaboration

  • Serve as a technical escalation point for Support, Underwriting, and Claims teams.

  • Investigate complex queries regarding vulnerabilities, false positives, or asset disputes.

  • Contribute technical insights to refine detection workflows and internal knowledge sharing.

Operational Excellence

  • Maintain high service standards through professional and timely communication.

  • Assist in fine-tuning detection logic to improve the accuracy of vulnerability reporting.


Required Skills & Knowledge

  • Technical Foundation: Strong grasp of networking fundamentals, protocols, and common internet services.

  • Cybersecurity Expertise: Familiarity with CVE/CVSS, threat actor TTPs, the exploitation lifecycle, and attack surface management.

  • Tooling: Hands-on experience with internet scanners (Shodan, Censys, Nuclei, etc.).

  • Analytical Ability: Proficiency in interpreting DNS records, HTTP headers, and OSINT artifacts.

  • Communication: Exceptional ability to translate complex technical vulnerabilities into “customer-friendly” language.

Company Name: Virtusa

To apply for this job please visit www.virtusa.com.