Match score not available

Unlock Premium Benefits Today!
🚀 Elevate your career with priority access.
Stand out to top recruiters with Jobgether Priority Access:
  • ✅ Top Match: We help you identify job offers where you're a perfect fit.
  • ✅ Exclusive Referral Service: Connect directly with recruiters as a Jobgether Certified Premium User.
  • ✅ Personalized Feedback: Receive feedback and expert guidance on applications, and have your profile manually reviewed.

Start Your Free Trial Now!

Start my free trial

Sr. Security Analyst - Remote

Remote: 
Full Remote
Contract: 
Full time
Experience: 
Senior (5-10 years)
Work from: 
Suriname

TekRecruiter logo
TekRecruiter Startup https://www.tekrecruiter.com/
11 - 50 Employees
See all jobs

Job description

This is a remote position.

TekRecruiter  has been asked to recruit a Full Time Penetration Tester to join the team of an awesome technology company. The role currently starts remotely due to Covid but may return to the Tempe, AZ corporate office in the future. 
The Penetration Tester is an integral part of the Global Cyber Security team and will be responsible for executing penetration tests to support the Secure Development Lifecycle.  This role ensures that products that are developed are built securely and security vulnerabilities detected in the product are addressed prior to release.  Additional responsibilities may be asked as deemed necessary.

 

Job Responsibilities:

  • Participate in penetration testing, scoping, security test planning, identifying tools required for penetration testing

  • Participate in threat modeling, risk analysis and creating mitigation plan

  • Identify and recommend appropriate measures to manage and remediate discovered or potential vulnerabilities, providing guidance to partner teams

  • Mature penetration testing strategy for early and effective detection of potential vulnerabilities.

  • Demonstrate the ability to assess the security of applications- Web applications, APIs, backend / infrastructure supporting the applications, Cloud, Microservices

  • Promote Secure SDLC and the culture of “shift-left” by integration security tools into CI/CD

  • Demonstrate knowledge of secure code scanning tools

  • Keep up-to-date knowledge of vulnerabilities in the field of security for secure application development

  • Handle communication between geographically dispersed groups 


Web / API / Cloud Penetration Testing Qualifications:

Must Haves

  • 4-6 years of independent end to end hands-on manual experience in Web application penetration testing, Webservice / API (REST & SOAP) Penetration Testing

  • Familiar with security guidelines such as OWASP Top Ten, OSTMM (Open Source Security Testing Methodology Manual) & WASC (Web Application Security Consortium)

  • Knowledge of Azure and AWS cloud attacks

  • Experience in enumeration techniques, authentication and authorization, data access, encryption algorithms

  • Knowledge of security fundamentals, network/application protocols, topologies, reverse engineering, fuzzing & exploit development

  • Experience in executing security assessment activities which includes internal/external stakeholder communications, risk assessment, documentation and reporting and presentation of findings

  • Effective project management skills, oral and written communication skills, interpersonal skills

  • Hands on experience with security tools such as Burp Suite Pro, web application scanners (IBM AppScan, Acunetix, Rapid7 etc..) and static code analysis tools such as Checkmarx, BlackDuck, Veracode, Fortify etc...


Nice to Haves

  • Expertise in evaluating the security of cloud-based applications, services, and infrastructures including serverless architectures

  • Experience with testing storage and database systems, virtual machines

  • Hands-on experience with penetration testing of microservices, SaaS,PaaS

  • Participated in Bug Bounty programs and CTF

  • Experience in presenting at security conferences / events

  • Familiarity with at least one scripting language (Python, Powershell) and programming language such as JAVA and .NET

  • Knowledge of Secure SDLC and DevSecOps implementation

 

Educational Qualifications:

  • Bachelor’s or Master’s degree in computer science or related field

  • Security certification/s such as OSCP, GWAPT,  CEH, CCSK, CCSP, GCPN are strongly considered


TekRecruiter is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. TekRecruiter will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

Required profile

Experience

Level of experience: Senior (5-10 years)
Spoken language(s):
English
Check out the description to know which languages are mandatory.

Hard Skills

API TestingBurp SuiteFortinetAcunetixSecurity AnalysisBlackmagicVeraCodeNetwork ProtocolsProject ManagementHCL AppScanOnline CommunicationCheckmarx

Other Skills

  • Non-Verbal Communication
  • Social Skills
Are you interested?

Security Analyst Related jobs

See more Security Analyst jobs