ASM - Consultant

Summary

Position Summary

Join Deloitte Cyber to help organizations strengthen visibility across their attack surface and address vulnerabilities before they can be exploited. As a Consultant, you will support attack surface management and vulnerability management activities by identifying exposures, analyzing findings, and helping drive remediation. You will work with global teams, threat intelligence, and security tools to deliver actionable reporting and improve cyber situational awareness.

Work you'll do

As a Consultant on the Cyber Defense & Resilience team, you will be responsible for:

• Configure and execute internal and external vulnerability scans to identify vulnerabilities and rogue assets
• Analyze, enrich, and prioritize findings and support remediation activities, including patching and configuration hardening
• Correlate threat feeds, assessment results, asset inventory data, and reporting frameworks to produce actionable vulnerability reports
• Support cyber situational awareness through recurring production reporting and ad hoc research requests for clients, partners, and internal stakeholders
• Identify asset data gaps, escalate issues affecting service-level agreements, and coordinate with leadership and remediation partners to improve service delivery
• Adhere to internal operational security requirements and Deloitte policies
  
  

The team

Cyber Defense & Resilience teams assist clients in identifying, prioritizing, and remediating vulnerabilities across their digital ecosystem through robust Attack Surface Management (ASM). By continuously monitoring client environments—networks, applications, cloud assets, and endpoints—they proactively uncover potential exposure points before threat actors can exploit them. Attack Surface Management (ASM) is a foundational capability within the Cyber Defense & Resilience portfolio, enabling proactive identification and mitigation of security vulnerabilities across an organization’s digital landscape.

Location: Bengaluru/Hyderabad/Pune/Chennai/Kolkata

Shift Timings: General

Qualifications

Required:

• 3-6 years of experience in vulnerability management, information security, or technical cybersecurity roles
• Bachelor’s degree in Computer Science or equivalent experience
• Certified Information Systems Security Professional (CISSP) certification
• Experience conducting vulnerability scans across internal and external networks
• Experience with network infrastructure devices, including routers and switches
• Experience with networking protocols, including Transmission Control Protocol/Internet Protocol (TCP/IP), Domain Name System (DNS), and Hypertext Transfer Protocol (HTTP)
• Experience using National Vulnerability Database, Common Vulnerabilities and Exposures (CVE), and Common Vulnerability Scoring System (CVSS) nomenclature
  
  

Preferred:

• Experience with vulnerability management tools such as Qualys, Tenable, or Rapid7
• Experience translating technical findings into remediation recommendations
• Experience with patch management tools such as Microsoft Intune, BigFix, Red Hat Satellite, or Microsoft System Center Configuration Manager (SCCM)
• Experience with asset inventory, provisioning, or deprovisioning lifecycle processes
• Experience with Confluence, Jira, or Configuration Management Databases (CMDBs) such as ServiceNow
• Experience with threat analysis, malicious code analysis, or enterprise mitigation strategies
  
  

Our purpose

Deloitte’s purpose is to make an impact that matters for our people, clients, and communities. At Deloitte, purpose is synonymous with how we work every day. It defines who we are. Our purpose comes through in our work with clients that enables impact and value in their organizations, as well as through our own investments, commitments, and actions across areas that help drive positive outcomes for our communities.

Our people and culture

Our inclusive culture empowers our people to be who they are, contribute their unique perspectives, and make a difference individually and collectively. It enables us to leverage different ways of thinking, ideas and perspectives, and bring more creativity and innovation to help solve our clients’ most complex challenges. This makes Deloitte one of the most rewarding places to work.

Professional development

At Deloitte, professionals have the opportunity to work with some of the best and discover what works best for them. Here, we prioritize professional growth, offering diverse learning and networking opportunities to help accelerate careers and enhance leadership skills. Our state-of-the-art DU: The Leadership Center in India, located in Hyderabad, represents a tangible symbol of our commitment to the holistic growth and development of our people. Explore DU: The Leadership Center in India .

Benefits To Help You Thrive

At Deloitte, we know that great people make a great organization. Our comprehensive rewards program helps us deliver a distinctly Deloitte experience that helps that empowers our professionals to thrive mentally, physically, and financially—and live their purpose. To support our professionals and their loved ones, we offer a broad range of benefits. Eligibility requirements may be based on role, tenure, type of employment and/ or other criteria. Learn more about what working at Deloitte can mean for you.

Recruiting tips

From developing a stand out resume to putting your best foot forward in the interview, we want you to feel prepared and confident as you explore opportunities at Deloitte. Check out recruiting tips from Deloitte recruiters.

Requisition code: 351494

---