IT Security Analyst (1440)

OVERVIEW:
The Penetration Tester position applies mid-level principles and moderate to highly complex research, evaluation, managing, administering, auditing, and testing company IT systems to manage risk. The Penetration Tester position focuses on offensive security tasks such as penetration testing, vulnerability assessments, and red teaming exercises. The role involves identifying and exploiting security weaknesses in systems, networks, and web applications to simulate real-world attacks and test the organization's defenses. The goal is to improve the overall security posture by providing actionable insights and recommendations

The incumbent is generally well-qualified in penetration testing and red teaming, with expertise in identifying and exploiting security weaknesses. While higher-classified systems analysts can consult on work assignments, the incumbent primarily focuses on offensive security tasks. This position involves conducting penetration tests, vulnerability assessments, application code scanning, and red teaming exercises to simulate real-world attacks and test the organization's defenses.

PRINCIPAL DUTIES:

• Conduct comprehensive penetration tests on various IT systems, networks, and applications to identify vulnerabilities and security weaknesses.
• Perform red teaming exercises to simulate advanced persistent threats (APTs) and assess the organization's detection and response capabilities.
• Develop and execute attack scenarios to test the effectiveness of security controls and incident response procedures.
• Utilize advanced tools and techniques to exploit vulnerabilities and gain unauthorized access to systems and data.
• Collaborate with the blue team (defensive security) to provide insights and recommendations for improving security measures.
• Investigate suspected attacks, such as man-in-the-middle attacks, sniffing, DoS, etc., hacking activities, and breaches of Information security policies.
• Analyze security events generated by various network and host-based security appliances, such as firewalls, NIDS, HIDS, and event logs. Determine appropriate remediation actions and escalation paths to address identified security issues.
• Document findings, create detailed reports, and present results to stakeholders, including technical and non-technical audiences.
• Develop, maintain, and update process and standard governing documents related to penetration testing and red teaming activities
• Stay updated with the latest security trends, vulnerabilities, and attack techniques to ensure the organization remains resilient against emerging threats.
• Other duties as assigned.

MINIMUM REQUIREMENTS:

• A bachelor’s degree program in a technical field such as Computer science, Management Information Technology (MIS), Engineering, and Mathematics is strongly preferred. We may consider candidates with technical school or military training and seven (7) years of experience. HS/GED candidates may be considered, in lieu of a bachelor's degree, with ten (10) years of work experience, a working knowledge of offensive security principles, penetration testing, and understanding.
• Seven (7) years of work experience in information security or information technology fields. Experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC). Experience with End-Point Protection, Intrusion Detection Systems, Firewalls, Vulnerability Assessment tools, and other security tools found in large network environments, along with experience working with Security Information and Event Management (SEIM) solutions. Familiarity with various network and host-based security applications and tools, such as network and host assessment/scanning tools, network and host-based intrusion detection systems, and other security software packages. Digital Media Analysis (DMA) and prior computer forensics experience strongly desired but not required.
• Experience with various operating systems, such as Windows/Linux/Unix, in a functional capacity.
• Security and/or Networking experience and understanding in the following:
  • Advanced knowledge of general security methodologies, concepts, and terminologies.
  • Advanced knowledge of routing principles and networking fundamentals
  • Well-known protocols and services (FTP,HTTP,SSH,SMB,LDAP)
  • Packet Analysis Tools (TCPDUMP, Wireshark, Ngrep)
• Knowledge/Experience with McAfee Nitro SIEM, McAfee ePolicy Orchestrator “ePO”, SourceFire IPS, Juniper/Palo Alto Firewalls, and EnCase Enterprise is desired, but not required.
• Must communicate and comprehend accurately, clearly, and concisely in English at a level required to perform the job as outlined. Must be able to communicate technical details in a clear, understandable manner.
• Must have familiarity with TCP/IP services and networks, a passion and interest in technology, and a desire to learn more about security-related platforms and malware analysis. Must possess good work habits, a strong work ethic, and be able to adhere to company work hours, policies, and standard business etiquette. Must exemplify strong analytical skills, consensus building, and strong collaboration skills are crucial.

NO THIRD PARTY CANDIDATES ACCEPTED