Technical Security Analyst

The ideal candidate will have great interest in information security, has hands-on security engineering experience, and be able to come up with creative and unique solutions to security- related problems. The Analyst will perform technical security engineering activities including the following: Perform vulnerability scan, analysis, validation and remediation activities. Validate vulnerabilities discovered through code analysis and scans. Classify and prioritize the risk of new vulnerabilities according to the specifics of Client environment's risk level, mitigating factors, and assessment of the impacts of internal and external threats. Research and assess new threats, vulnerability security trends and security alerts, recommend remedial action. Process network security ACL requests Work with customers to oversee remediation of identified security issues. Perform technical and non-technical compliance activities. Provide security subject matter expertise to Client product teams including developers and system administrators. Perform security validation for configuration settings on different systems. Minimum Qualifications Bachelor's degree with a minimum of 1 year of information security work experience. A strong interest in the field of information security. Good understanding of industry vulnerabilities and how they can exploited Good understanding of the Vulnerability Management lifecycle Good knowledge of Network Security concepts such Ports and Protocols and Network ACLs Fluent in a variety of web application protocols, operating systems and networking technologies. Strong understanding of common network vulnerabilities, OS vulnerabilities (Linux, Windows and OSX), patching and attack patterns. Strong analytical, problem solving and engineering skills. Good written and verbal communication skills. Solid organizational skills and strong customer service skills. Experience with parsing / analysis of large data sets (e.g. vulnerability scan results). Desired Qualifications Certified Information Systems Security Professional (CISSP). Certified Ethical Hacker (CEH) Familiarity with Enterprise Vulnerability Management tools such as Rapid 7 Nexpose, Nessus and Qualys. Familiarity with Amazon Web Services (AWS) security. Intermediate scripting, system administration or software engineering background (e.g. Python, Ruby, Javascript, Perl, or Java).