Threat & Vulnerability Analysis
Review and analyse threats, risks, and vulnerabilities identified by CTRL and proactive detection pipelines
Validate exposed services such as RDP, SSH, databases, and edge devices using Shodan, Censys, LeakIX, and Nuclei
Evaluate security configurations to identify mitigating or compensating controls
Asset Verification & Attribution
Confirm internet-facing asset ownership using WHOIS, DNS and reverse-DNS, TLS fingerprinting, Shodan data, and OSINT techniques
Resolve attribution uncertainties to ensure customers receive notifications only for confirmed assets
Customer Notification & Advisory Work
Produce clear security alerts outlining issues, affected assets, remediation guidance, and vendor references
Communicate directly with customers and brokers to explain findings, clarify risk, and prioritise remediation
Internal Collaboration & Escalation
Act as a technical escalation point for Customer Support, Underwriting, and Claims
Investigate queries related to exposed services, vulnerabilities, false positives, or disputed ownership
Provide technical input to improve processes, detection workflows, and cross-team knowledge sharing
Operational Excellence
Maintain a high standard of customer service with professional, timely communication
Assist in tuning detection logic and improving vulnerability and exposure accuracy
Support continuous improvement of CTRL intelligence capabilities and processes
Required Skills & Knowledge
Strong understanding of networking fundamentals, ports, protocols, and common services
Familiarity with cyber security concepts including CVE, CVSS, threat actor TTPs, exploitation lifecycle, and attack surfaces
Hands-on experience with internet scanning and exposure tools such as Shodan, Censys, LeakIX, and Nuclei
Ability to interpret DNS records, WHOIS data, HTTP headers, and OSINT artefacts
Skilled at translating complex technical issues into clear, customer-friendly language