Vulnerability Assessments Analyst

---

Job description

Global Financial Firm located in Fort Lauderdale, FL has an immediate contract opportunity for an experienced Vulnerability Assessments Analyst

"This role is currently on a Hybrid Schedule.

You will need to have reliable internet, computer and android or iPhone for remote access into the client systems during remote work.

We will be expected in the office weekly 3 days depending on the team requirement.

Video/ f2f interviews are required prior to all offers.

The Role:

The Vulnerability Assessments Analyst - Red Team Contractor role will participate in the Adversary Emulation program by assisting with our Special Projects Tiger Team. This team will be performing internal network and application reconnaissance looking for violations and observations and reporting those up for remediation.

These contractors are required to assist with a Tiger Team effort in response to a regulatory observation around sensitive data being stored by employees. The contractors will assist with discovery and remediation efforts.

Additional Responsibilities

" Support Client s Red Team in Penetration testing reconnaissance of internal data repositories.

" Conduct searches of electronically stored data to extract relevant data efficiently.

" Prepare data for internal review and reporting.

" Reporting on identified findings.

" Work closely with data and control owners on remediation.

" Demonstratable knowledge of reconnaissance tools and regular expression to identify data.

" Conduct root cause analysis on issues and provide guidance on corrective actions leveraging risk and impact action.

" Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions.

" Assist in assessing risk when making business decisions.

Responsibilities:

" Support Client s Red Team in Penetration testing reconnaissance of internal data repositories.

" Conduct searches of electronically stored data to extract relevant data efficiently.

" Prepare data for internal review and reporting.

" Reporting on identified findings.

" Work closely with data and control owners on remediation.

" Demonstratable knowledge of reconnaissance tools and regular expression to identify data.

" Conduct root cause analysis on issues and provide guidance on corrective actions leveraging risk and impact action.

" Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions.

" Assist in assessing risk when making business decisions.

Qualifications:

1-2 years experience or equivalent knowledge and exposure are required with most of the following:

" Regular Expressions

" Scanning Tools

" Data Mining Tools

" Data Repositories (Confluence, Bit Bucket, Github, etc)

" Offensive security testing tools: Cobalt Strike, Red Team Toolkit, etc.

" An understanding of OSI model

" Security devices: Firewalls, VPN, AAA systems

" OS Security: Unix/Linux, Windows, OSX

" Understanding of common protocols: HTTP, LDAP, SMTP, DNS

" Reporting information security vulnerabilities to the business

Education:

" Bachelor s degree/University degree or equivalent experience

" Industry-accredited security certifications preferred but not required (e.g. PNPT, OSCP, GXPN, GPEN, GCIH, GWAPT, GCFA)

This job description provides a high-level review of the types of work performed. Other job-related duties may be assigned as required.

<!– job description page –>