Technical Security Analyst

Dulles, VA
Dec 01, 2021
Dec 03, 2021
Full Time
Responsibilities The Technical Security Analyst position is within IT Security group whose mission is to deliver information security solutions and services to protect information assets, computing infrastructure, applications, and data. The Analyst will work within the Vulnerability & Controls Operations team helping to identify and mitigate risks. The ideal candidate will have great interest in information security, have hands-on security engineering experience and vulnerability management experience, and be able to come up with creative and unique solutions to security- related problems. The Analyst will perform technical security activities including the following: Perform vulnerability scan, analysis, validation and remediation activities on identified infrastructure vulnerabilities Validate vulnerabilities discovered through code analysis and scans Classify and prioritize the risk of new vulnerabilities according to the specifics of environment's risk level, mitigating factors, and assessment of the impacts of internal and external threats Research and assess new threats, vulnerability security trends and security alerts, recommend remedial action Understanding of CVSS base score methodology Process network security ACL requests Work with Engineers and Developers to oversee remediation of identified security issues Perform technical and non-technical compliance activities Provide security subject matter expertise to product teams including developers and system administrators Perform security validation for configuration settings on different systems Create ad-hoc metric requests and documentation Minimum Qualifications Bachelor's degree with a minimum of 1 year of information security work experience A strong interest in the field of information security Good understanding of infrastructure vulnerabilities and how they can exploited Good understanding of the Vulnerability Management lifecycle Good knowledge of Network Security concepts such Ports and Protocols and Network ACLs Fluent in a variety of web application protocols, operating systems and networking technologies. Strong understanding of common network vulnerabilities, OS vulnerabilities (Linux, Windows and OSX), patching and attack patterns. Strong analytical, problem solving and engineering skills. Good written and verbal communication skills. Solid organizational skills and strong customer service skills. Experience with parsing / analysis of large data sets (eg vulnerability scan results). Desired Qualifications Familiarity with Enterprise Vulnerability Management tools such as Rapid 7 Nexpose, Nessus or Qualys. Familiarity with Amazon Web Services (AWS) security. Intermediate scripting, system administration or software engineering background (eg Python, Ruby, Javascript, Perl, or Java). Experience running nmap or similar tools Experience using Splunk Kaztronix is an equal opportunity employer and does not discriminate on the basis of race, color, national origin, sex, age, religion, disability, veteran status or any other consideration made unlawful by federal, state or local laws.In addition, all human resource actions in such areas as compensation, employee benefits, transfers, layoffs, training and development are to be administered objectively, without regard to race, color, religion, age, sex, national origin, disability, veteran status or any other consideration made unlawful by federal, state or local laws.

Similar jobs