va/pt analyst Job Description Template
Our company is looking for a va/pt analyst to join our team.
Responsibilities:
- Other duties as assigned;
- Respond timely to ServiceNow tickets as needed;
- Perform with the passion for excellence through strong execution using technical skills, knowledge, and experience;
- Research and develop testing tools, techniques, and process improvements;
- Make fact-based decisions using individual judgement and problem solving;
- Wireless security assessment;
- Convey thoughts logically, simply and succinctly in written and verbal communications;
- Review and analyze security vulnerability data to identify applicability and false positives;
- Identify and exploit technical vulnerabilities in systems, assess business risks of the technical vulnerabilities and communicate to relevant staff;
- Coordinate internal and third-party vulnerability assessments. Provide results to the appropriate technical teams and management;
- Treat people with dignity, respect and fairness and holds others accountable for the same;
- Provide internal remediation support through the design, implementation and integration of network infrastructure and information security controls;
- Conduct technical security/risk assessments and information security projects;
- Preferred Certifications: OSCP, GWEB, GWPT, OSCE, CEH, LPT, CCNA, MCSE;
- BA/BS or equivalent.
Requirements:
- Solid understanding of common penetration testing methodologies (e.g. OSSTMM, OWASP);
- Must be a team player and self-starter;
- Coordinate with technology and business groups to assess, implement, and monitor security risks;
- Produce high-quality papers, presentations, recommendations, and findings for Senior Level Management and Enterprise Technology Leaders;
- Maintain strict confidentiality of all security issues including legal investigations, Compliance, and HR data requests;
- Wireless protocols and services;
- Backup and disaster recovery methodologies;
- Ability to train security concepts;
- Knowledge of security industry best practices (e.g. SANS, NIST, CIS);
- Network analysis tools;
- Ability to assertively communicate technical information clearly and concisely, commensurate with the audience;
- Must be assertive, methodical and detail oriented;
- Proficient knowledge of collection and analysis methods as well as knowledge in multiple tools, utilized for data correlation;
- Patch management technologies and processes.