IT Security Analyst

936
itsecanalistnycvad
Current Time 0:00
Duration -:-
Loaded: 0%
Stream Type LIVE
Remaining Time -:-
 
1x
    • Chapters
    • descriptions off, selected
    • captions off, selected
      Comments
      Turn off Light
      Published on May 1, 2020 by asst1jobbinghood

      CONSULTANT REQUIRED QUALIFICATIONS

      • 10+ years of experience in Information Security and/or Related Field.
      • 5+ years of experience in Red Team operations and/or Penetration Testing
      • Scripting experience in at least one programming language such as Python or PowerShell
      • Knowledge of Operational Technologies/Industrial Controls Systems (HMI, PLC, SCADA)
      • Knowledge of Active Directory concepts
      • Knowledge of Windows internals
      • Knowledge of *nix systems

      CONSULTANT PREFERRED QUALIFICATIONS

      • Previous experience conducting full-scope Purple Team engagements
      • Physical security assessment experience (lock picking, security system bypass, etc.)
      • Database experience (Oracle, MSSQL, MySQL, MongoDB)
      • Application fuzzing experience (WSFuzzer, SPIKE, Sulley, etc)
      • Reverse engineering experience/knowledge, data obfuscators, or ciphers
      • Mobile and/or web application assessments
      • Developing, extending, or modifying exploits, shellcode or exploit tools
      • Developing applications in C#, ASP, .NET, ObjectiveC, Go, or Java (J2EE)
      • Source code review for control flow and security flaws

      CONSULTANT EDUCATION/CERTIFICATIONS

      • Undergraduate degree in Computer Science, Engineering, or related field
      • GPEN, GXPN, GWAPT, OSCP, or OSCE required
      • CISSP and other relevant certifications preferred.

      RESPONSIBILITIES

      • Perform internal and external penetration testing of network infrastructure and applications
      • Perform well controlled vulnerability exploitation/penetration testing on applications, network protocols, and databases
      • Perform network reconnaissance, OSINT, social engineering, and physical security reviews
      • Demonstrate advanced understanding of business processes, internal control risk management, IT controls and related standards
      • Identify and evaluate complex business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
      • Assist in the selection and tailoring of approaches, methods and tools to support service offering or industry projects
      • Develop comprehensive and accurate reports and presentations for both technical and executive audiences
      • Learn the MTA business environment and basic risk management approaches

      Click here to Apply 

       

      Category Tag

      Add your comment