Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Information Security Analyst (Vulnerability, Penetration Testing)

U

Ursus

Information Security Analyst (Vulnerability, Penetration Testing)

San Jose, CA
Full Time
Paid
Similar Jobs
  • Responsibilities

    Job Description

     

    JOB TITLE: INFORMATION SECURITY ANALYST (VULNERABILITY MANAGEMENT) LOCATION: SAN JOSE, CA DURATION: CONTRACT TO HIRE ABOUT THE COMPANY: One of the largest investor-owned water utilities company - still offering PENSION! SUMMARY: The Information Security Analyst – Vulnerability Management plays a leading role in driving information security analysis and vulnerability remediation. RESPONSIBILITIES: Will work with IT and other departments to promote secure practices and improve information security processes and policies. The position will be responsible for identifying vulnerabilities in a system and can implement security controls to eradicate and/or mitigate the exploit. The positions require effective verbal and written communication skills to provide good customer service. ESSENTIAL FUNCTIONS:

    • Performs Network and Web Application Penetration testing
    • Proficient with Qualys, Nessus, Metasploit, Armitage, Kali Linux, and other security tools
    • Analyze and vet vulnerabilities then validate vulnerabilities are remediated
    • Research 0 days and new security threats
    • Reduce vulnerability by improving remediation and patch management process

     

    MINIMUM QUALIFICATIONS:

    • Bachelor’s degree in Computer Science, Information Systems or related field and/or equivalent relevant experience
    • Certified Information Systems Security Professional (CISSP), Certified Internal Systems Auditor (CISA), Certified Ethical Hacker (CEH) or other security certification required· Solid understanding of OWASP top 10 and can defend against such attack
    • Excellent cybersecurity concepts and methods including, but not limited to, vulnerability management, privacy, and incident response
    • Worked in a Red and Blue team environment
    • Solid understanding of “kill chain”

    REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES:

    • Solid experience with ethical hacking and zero day attacks
    • Solid understanding of Metasploit framework and meterpreter
    • Knowledge and ability to evaluate, assess, and implement IT risk mitigation processes and procedures
    • Advanced knowledge of information security standards, rules, and regulations including International Organization for Standards (ISO) 27001, 27002, National Institute of Standards and Technology (NIST), and Defense Federal Acquisition Regulation Supplement (DFARS)
    • Knowledge of network, server, mobile devices, application, and database security principles for risk identification and analysis

     

    Company Description

    Ursus, Inc. is a privately held leader in recruiting and staffing. We specialize in Permanent, Contract-to-Hire, and Contract Opportunities.