Security Analyst

Security Analyst - Vulnerability Assessment/ Penetration Testing

Security Analyst - Vulnerability Assessment/Penetration Testing We are looking for a Security Analyst to perform on-going vulnerability assessment and penetration testing of our internal network, serving as a member of the security team responsible for improving the overall security posture of the enterprise network. The Security Analyst will run periodic scans, identify vulnerabilities, develop test plans for exploiting vulnerabilities in a controlled environment, perform penetration testing, document results, investigate and propose mitigations for identified vulnerabilities, and work with team members as to mitigate the identified vulnerabilities.

The Security Analyst will also serve as an escalation point for addressing any threats identified by the enterprise security tools and processes.

Responsibilities
• Participate in the planning and design of enterprise security architecture, under the direction of the IT Security Manager, where appropriate.
• Perform vulnerability scanning of workstations, servers, and appliances in the network
• Perform internal vulnerability assessments and penetration tests prior to external audits
• Document test plans, test results, and mitigation reports
• Create proof-of-concept exploits in a controlled environment
• Work with system owners to mitigate identified vulnerabilities
• Work with other team members to respond to any alerts and/or threats identified by the security tools and processes
• Identify, research, and assist in the implementation of any security tools and/or processes to improve the overall security posture
• Maintain up-to-date detailed knowledge of the IT security threats and plan, prioritize, and implement, mitigation controls as necessary
• Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
• Participate in investigations into problematic activity.
• Provide on-call support for end users for all in-place security solutions.

Requirements Formal Education Certification
• 4 or more years of overall experience in the information security field
• College diploma or university degree in the field of computers or engineering and/or 2 years equivalent work experience
• One or more of the following certifications preferred:
• SANS GIAC Penetration Tester (GPEN) or GIAC Web Application Penetration Tester (GWAPT)
• Microsoft Certified Systems Administrator: Security
• Certified Ethical Hacker (CEH) Knowledge Experience
• Experience and in-depth familiarity with vulnerability assessment and penetration testing tools such as nmap, nessus or nCircle, metasploit, and other security and password auditing tools
• Experience and in-depth familiarity with Windows environment, including securing servers and workstations, particularly Microsoft Active Directory
• Experience in vulnerability assessment and penetration testing methodology
• Experience or familiarity with Windows scripting languages in .NET environment and evaluating web server code for security vulnerabilities
• Experience or familiarity with securing Microsoft SQL databases and IIS web services
• Working technical knowledge of vulnerability scanning and remediation, traffic monitoring, and log analysis

Personal Attributes
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Good written, oral, and interpersonal communication skills.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in business-friendly and user-friendly language.
• Highly self motivated and directed.
• Keen attention to detail.
• Team-oriented and skilled in working within a collaborative environment.

Work Conditions
• 40-hour on-site work week with on-call availability as needed.
• Up to 15% travel required.
• Sitting for extended periods of time.
• Sufficient dexterity of hands and fingers to efficiently operate a computer keyboard, mouse, and other computer components.
• Lifting and transporting of moderately heavy objects, such as computers and peripherals.

INDIVIDUAL MUST BE A US CITIZEN TO BE CONSIDERED FOR POSITION

Click Here To Apply
https://americansystems.ats.hrsmart.com/cgi-bin/pm/click.cgi?job_id=8046site_id=123