Cyber Security Analyst
TITLE: Attack Surface Management Cyber Analyst
LOCATION: Remote
ANTICIPATED DURATION: 1 year
Attack Surface Management Cyber Analyst Responsibilities:
- Support and advise development of program objectives, priorities, and strategy
- Conduct attack surface assessments and analysis of exposed vulnerabilities
- Perform verification/validation testing for vulnerabilities in external-facing web sites, web applications, and services; demonstrate exploitation steps and verify remediation/fixes
- Perform data collection in support of ASM
- Identify vulnerabilities, communicate risk, and verify root cause
- Develop custom tools and small utilities
- Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques
- Maintain knowledge of the current security threat landscape by monitoring related internet postings, intelligence reports and other sector specific sources as necessary
- Generate reports detailing assessment findings, attack paths, exploitation procedures, and recommended mitigation techniques
- Demonstrate client values of Safety First, Unquestionable Trust, Superior Performance, and Total Commitment
Attack Surface Management Cyber Analyst Requirements:
- Must be willing and able to obtain and maintain US government security clearance
- Strong technical consulting experience: ability to understand business requirements and present appropriate solutions
- Ability to work independently or within a team
- Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
- One or more relevant industry certifications (GSEC, CISSP, Security +, SSCP)
- Occasional travel to local and regional locations in pursuit of the job duties and requirements
- Bachelor’s degree in computer science, technology, engineering or security-related field or equivalent experience
- Minimum 5 years IT security experience
- Broad knowledge of core information security principles (e.g. access control, least privilege, data integrity) and security capabilities
- Thorough understanding of network design principles (including topology, protocols, network components, and principles) and virtualized infrastructures
- Practical experience with Splunk, ArcSight or comparable Security Information and Event Management (SIEM)
- Demonstrated experience in security operations, including SOC and security monitoring, incident response, host/network forensics, penetration testing, cyber threat intelligence, malware analysis, or security consulting
- Demonstrated ability to work outside of the standard enterprise tools and alerts to identify adversarial behavior
- Thorough understanding of TCP/IP network stack, network technologies, network traffic analysis and protocols
- Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws
- Understanding of common web application frameworks and web-based APIs
- Basic understanding of regular expression and common scripting languages (PERL, Python, Powershell, Bash)
- Familiar with threat intelligence lifecycle and adversary TTPS, including Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT, or Insider Threat is ideal
- Understanding of OWASP common vulnerabilities and testing methodologies
- Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)
- Experience drafting Security Analyst processes and procedures for security operations
- Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
- Solid verbal and written communication skills required
The hourly pay rate range for this position is $45/hr to $60/hr (dependent on factors including but not limited to client requirements, experience, statutory considerations, and location). Benefits available to full-time employees: medical, dental, vision, disability, life insurance, 401k and commuter benefits.
Synergis is proud to be an Equal Opportunity Employer. We value diversity and do not discriminate on the basis of race, color, ethnicity, national origin, religion, age, gender, gender identity, political affiliation, sexual orientation, marital status, disability, military/veteran status, or any other status protected by applicable law.
For immediate consideration, please forward your resume to spirkle@synergishr.com
If you require assistance or an accommodation in the application or employment process, please contact us at spirkle@synergishr.com.
Synergis is a workforce solutions partner serving thousands of businesses and job seekers nationwide. Our digital world has accelerated the need for businesses to build IT ecosystems that enable growth and innovation along with enhancing the Total Experience (TX). Synergis partners with our clients at the intersection of talent and transformation to scale their balanced teams of tech, digital and creative professionals. Learn more about Synergis at www.synergishr.com.
-
Seniority level
Mid-Senior level -
Employment type
Contract -
Job function
Information Technology -
Industries
Utilities
Referrals increase your chances of interviewing at Synergis by 2x
See who you knowFeatured Benefits
Inferred from the description for this job
-
Medical insurance -
Dental insurance -
Vision insurance -
401(k)
Get notified about new Cyber Security Analyst jobs in Georgia, United States.
Sign in to create job alertSimilar jobs
People also viewed
-
Information Security Analyst
Information Security Analyst
-
Security Analyst
Security Analyst
-
Information Security Analyst
Information Security Analyst
-
Security Operations Center Analyst
Security Operations Center Analyst
-
Information Security Engineer
Information Security Engineer
-
Remote Work - Need Sr IT Security Analyst
Remote Work - Need Sr IT Security Analyst
-
SOC Security Analyst
SOC Security Analyst
-
Information Security Analyst
Information Security Analyst
-
Cyber Security Engineer
Cyber Security Engineer
-
Cybersecurity Analyst - NQV (Remote)
Cybersecurity Analyst - NQV (Remote)
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub