Posted in Other 30+ days ago.
Type: Full Time
Job Title
Web App Vulnerability Analyst
Job Description
The most security-conscious organizations trust Telos Corporation to protect their vital IT assets. The reputation of our company rests on the quality of our solution and the integrity of our people. Explore what you can bring to our solutions in information assurance, secure networks, secure enterprise messaging, and identity management.
Be a part of the Telos culture and see what sets us apart! Telos offers an excellent compensation package with benefits that include generous paid time off, medical, dental, vision, tuition reimbursement, and 401k. Our employees enjoy more than just a great work environment!
This position may be based in: Washington, DC; Kansas City, MO; Fort Worth, TX; Remote
Responsibilities:
Telos is seeking a Web Application Vulnerability Analyst with experience utilizing web application vulnerability scans for large organizations. This experience will include knowledge of web application architectures and the programming languages used to develop them. The candidates will be able to demonstrate knowledge and experience identifying and explaining the risk vs. impact of web application vulnerabilities. The successful candidate will also have experience implementing and operating a web scan tool such as BurpSuite or NetSparker. This will include the configuration of scheduled authenticated and unauthenticated scans and the configuration of reports for dissemination. Experience with a range of opensource scan and pen test tools is essential. Finally, the successful candidate must have experience with manual web vulnerability inspection, including the manual validation of findings identified by automated scan tools.
Individual must be self-motivated, capable of working independently, and manage priorities to achieve requested deadlines.
Job Duties:
- Supports agency wide vulnerability management and identification program and continuous monitoring for certification & accreditation.
- Supports agency reporting using detailed data gathering and analysis.
- Supports incident handling activities by providing support to IR team for incident analysis, coordination and response.
- Daily operations of agency vulnerability scanning tools and supporting infrastructure.
- Support Administration of agency vulnerability scanning tools and all supporting infrastructure, including evaluations on Vendor recommendations. ** Tools used on a regular basis are Tenable.sc, Nessus, Burp, Twistlock, Shodan, Netsparker, Kali Linux, and Kismet.
- Support the training and creation of training materials for agency scanning program.
- Learns and becomes familiar with new software suites.
- Complete assignments with independent thought and action within the scope of specific assignments.
- Perform web application vulnerability scanning / analysis with dissemination of reports.
- Manage an enterprise vulnerability assessment program, which will include conducting regular patch & configuration vulnerability assessments against core infrastructure via NetSparker scanning tool.
- Manual vulnerability validation.
- Research & evaluate scanning and assessment findings of threats and vulnerabilities to assist in prioritization of remediation actions.
- Investigation of conflicting scan reports, validation of findings or indicated false positives versus true positive.
- Provide consultative services to Information System Security Officers or System Owners of web applications and address issues or concerns in scan results.
- Assist in supporting the maintenance and patching of Windows Servers and NetSparker Application or Agents.
- Configuration ofauthenticated Web App scans using multiple authentication platforms, such as smartcard, saml, and OAuth.
- Educate internal and external stakeholders on security processes and procedures.
- Keep up to date with the latest testing and ethical hacking methods.
Job Requirements
- B.S. Degree in Computer Science, Information Systems, Mathematics, Engineering or related degree is preferred, or the equivalent combination of education, professional training or work experience (6 years).
- Three (3) years' experience in IT security with one or more of the following:
- 1-2 years' experienceconducting vulnerability scanning using a network or web application security scanner: NetSparker, HP WebInspect, BurpSuite, ZAP, Nexpose, Nessus, OpenVAS or similar.
- 1-2 years' experience analyzing and interpreting scan reports and assisting in remediation.
- 1-2 years' experience with manual web vulnerability validation.
- 2+ years of experience in technical operations providing vulnerability and orsystem/platform support.
- (Preferred) 2 years' experience with scripting in either Powershell, BASH, Perl, or Python.
- Experience with application and network security.
- A general understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance.
- A general understanding of security fundamentals and general security technologies, including operating systems, network security (firewall, VPNs, etc), security event management, business continuity, and identity management.
- Understanding of OWASP top 10 2017.
- The successful candidate must meet eligibility requirements to access sensitive information, which requires US Citizenship.
Telos maintains a drug-free workplace and will conduct drug testing on all applicants who have accepted an offer of employment.
Telos Corporation participates in the E-Verify program. Therefore, any employment with Telos will also be contingent upon confirmation from the Social Security Administration (\\"SSA\\") and/or the Department of Homeland Security (\\"DHS\\") of your authorization to work in the United States.
Telos offers excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future.
Telos and its subsidiaries are an Affirmative Action/Equal Opportunity Employer encouraging women, minorities, individuals with disabilities, and veterans to apply.
Job Type
Full-Time
Location
Fort Worth, TX 76102 US
Kansas City, KS 66101 US
Remote, US
Washington, DC 20405 US (Primary)
Telos offers an excellent compensation packages including salary commensurate with experience and benefits to meet your needs for today and the future. Telos and its subsidiaries are an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
.
|
CAVA |
|
Jazzsol |
|
The Judge Group Inc. |