VA/PT Analyst

va/pt analyst Job Description Template

Our company is looking for a va/pt analyst to join our team.


  • Other duties as assigned;
  • Respond timely to ServiceNow tickets as needed;
  • Perform with the passion for excellence through strong execution using technical skills, knowledge, and experience;
  • Research and develop testing tools, techniques, and process improvements;
  • Make fact-based decisions using individual judgement and problem solving;
  • Wireless security assessment;
  • Convey thoughts logically, simply and succinctly in written and verbal communications;
  • Review and analyze security vulnerability data to identify applicability and false positives;
  • Identify and exploit technical vulnerabilities in systems, assess business risks of the technical vulnerabilities and communicate to relevant staff;
  • Coordinate internal and third-party vulnerability assessments. Provide results to the appropriate technical teams and management;
  • Treat people with dignity, respect and fairness and holds others accountable for the same;
  • Provide internal remediation support through the design, implementation and integration of network infrastructure and information security controls;
  • Conduct technical security/risk assessments and information security projects;
  • Preferred Certifications: OSCP, GWEB, GWPT, OSCE, CEH, LPT, CCNA, MCSE;
  • BA/BS or equivalent.


  • Solid understanding of common penetration testing methodologies (e.g. OSSTMM, OWASP);
  • Must be a team player and self-starter;
  • Coordinate with technology and business groups to assess, implement, and monitor security risks;
  • Produce high-quality papers, presentations, recommendations, and findings for Senior Level Management and Enterprise Technology Leaders;
  • Maintain strict confidentiality of all security issues including legal investigations, Compliance, and HR data requests;
  • Wireless protocols and services;
  • Backup and disaster recovery methodologies;
  • Ability to train security concepts;
  • Knowledge of security industry best practices (e.g. SANS, NIST, CIS);
  • Network analysis tools;
  • Ability to assertively communicate technical information clearly and concisely, commensurate with the audience;
  • Must be assertive, methodical and detail oriented;
  • Proficient knowledge of collection and analysis methods as well as knowledge in multiple tools, utilized for data correlation;
  • Patch management technologies and processes.