Support and advise development of program objectives, priorities, and strategy
Conduct attack surface assessments and analysis of exposed vulnerabilities
Perform verification/validation testing for vulnerabilities in external-facing web sites, web applications, and services; demonstrate exploitation steps and verify remediation/fixes
Perform data collection in support of ASM
Identify vulnerabilities, communicate risk, and verify root cause
Develop custom tools and small utilities
Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques
Maintain knowledge of the current security threat landscape by monitoring related internet postings, intelligence reports and other sector specific sources as necessary
Must be willing and able to obtain and maintain US government security clearance
Strong technical consulting experience: ability to understand business requirements and present appropriate solutions
Ability to work independently or within a team
Demonstrated critical, independent thinking; demonstrated ability to conceive and present creative solutions
One or more relevant industry certifications (GSEC, CISSP, Security +, SSCP)
Occasional travel to local and regional locations in pursuit of the job duties and requirements
Bachelor’s degree in computer science, technology, engineering or security-related field or equivalent experience
Minimum 5 years IT security experience
Broad knowledge of core information security principles (e.g. access control, least privilege, data integrity) and security capabilities
Thorough understanding of network design principles (including topology, protocols, network components, and principles) and virtualized infrastructures
Practical experience with Splunk, ArcSight or comparable Security Information and Event Management (SIEM)
Demonstrated experience in security operations, including SOC and security monitoring, incident response, host/network forensics, penetration testing, cyber threat intelligence, malware analysis, or security consulting
Demonstrated ability to work outside of the standard enterprise tools and alerts to identify adversarial behavior
Thorough understanding of TCP/IP network stack, network technologies, network traffic analysis and protocols
Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws
Understanding of common web application frameworks and web-based APIs
Basic understanding of regular expression and common scripting languages (PERL, Python, Powershell, Bash)
Familiar with threat intelligence lifecycle and adversary TTPS, including Cyber Crime, Malware, Botnets, Hacktivism, Social Engineering, APT, or Insider Threat is ideal
Understanding of OWASP common vulnerabilities and testing methodologies
Understanding of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, code injection, race conditions, covert channel, replay, return-oriented attacks)
Experience drafting Security Analyst processes and procedures for security operations
Ability to effectively organize tasks, manage multiple priorities/details, meet schedules, and deliver on commitments
Solid verbal and written communication skills required
The hourly pay rate range for this position is $45/hr to $60/hr (dependent on factors including but not limited to client requirements, experience, statutory considerations, and location). Benefits available to full-time employees: medical, dental, vision, disability, life insurance, 401k and commuter benefits.
Synergis is proud to be an Equal Opportunity Employer. We value diversity and do not discriminate on the basis of race, color, ethnicity, national origin, religion, age, gender, gender identity, political affiliation, sexual orientation, marital status, disability, military/veteran status, or any other status protected by applicable law.
For immediate consideration, please forward your resume to spirkle@synergishr.com
If you require assistance or an accommodation in the application or employment process, please contact us at spirkle@synergishr.com.
Synergis is a workforce solutions partner serving thousands of businesses and job seekers nationwide. Our digital world has accelerated the need for businesses to build IT ecosystems that enable growth and innovation along with enhancing the Total Experience (TX). Synergis partners with our clients at the intersection of talent and transformation to scale their balanced teams of tech, digital and creative professionals. Learn more about Synergis at www.synergishr.com.
Seniority level
Mid-Senior level
Employment type
Contract
Job function
Information Technology
Industries
Utilities
Referrals increase your chances of interviewing at Synergis by 2x