Information Security Analyst

Conduct penetration testing and red teaming on systems networks applications and mobile platforms to identify vulnerabilities. Develop and use custom tools/scripts to automate testing and exploitation. Simulate advanced persistent threats (APTs) to assess security controls and incident response. Continuously discover catalog and monitor all assets for attack surface management (ASM). Perform vulnerability assessments using industry-standard tools (e.g. Qualys Nessus Nexpose) and methodologies. Prioritize and provide actionable remediation recommendations for identified vulnerabilities. Participate in patch management activities. Conduct threat modeling and risk assessments to uncover and prioritize potential attack vectors. Collaborate with incident response teams to contain and remediate security incidents. Provide technical guidance and expertise during incident response and crisis management. Stay updated on latest security threats trends and tools; adapt testing methodologies as needed. Participate in security research and develop new testing techniques/methodologies. Work with development teams to implement security patches and provide security guidance. Communicate complex technical findings to both technical and non-technical stakeholders. Develop and maintain detailed documentation and reports on testing results methodologies and remediation steps. Maintain accurate records of all security testing and assessment activities. Ensure compliance with relevant security certifications and regulatory requirements. Demonstrate strong programming skills (e.g. Python C Java) and knowledge of security tools (e.g. Nmap Burp Suite Metasploit). Work independently and collaboratively in a fast-paced environment managing multiple priorities and deadlines.

• Conduct penetration testing and red teaming on systems networks applications and mobile platforms to identify vulnerabilities.
• Develop and use custom tools/scripts to automate testing and exploitation.
• Simulate advanced persistent threats (APTs) to assess security controls and incident response.
• Continuously discover catalog and monitor all assets for attack surface management (ASM).
• Perform vulnerability assessments using industry-standard tools (e.g. Qualys Nessus Nexpose) and methodologies.
• Prioritize and provide actionable remediation recommendations for identified vulnerabilities.
• Participate in patch management activities.
• Conduct threat modeling and risk assessments to uncover and prioritize potential attack vectors.
• Collaborate with incident response teams to contain and remediate security incidents.
• Provide technical guidance and expertise during incident response and crisis management.
• Stay updated on latest security threats trends and tools; adapt testing methodologies as needed.
• Participate in security research and develop new testing techniques/methodologies.
• Work with development teams to implement security patches and provide security guidance.
• Communicate complex technical findings to both technical and non-technical stakeholders.
• Develop and maintain detailed documentation and reports on testing results methodologies and remediation steps.
• Maintain accurate records of all security testing and assessment activities.
• Ensure compliance with relevant security certifications and regulatory requirements.
• Demonstrate strong programming skills (e.g. Python C Java) and knowledge of security tools (e.g. Nmap Burp Suite Metasploit).
• Work independently and collaboratively in a fast-paced environment managing multiple priorities and deadlines.

• Strong programming skills (e.g. Python, C, Java).
• Knowledge of security tools (Nmap, Burp Suite, Metasploit).
• Ability to communicate complex technical findings to technical and non-technical stakeholders.
• Experience with incident response, crisis management, and patch management activities.