Senior Cybersecurity Associate (JBD0064)
Location: Houston, TX
The IT Security Consultant will be part of an IT Security team supporting projects in the areas of security assessments, security infrastructure design and implementation, and PCI services.
The IT security consultant will be responsible for :
-
Perform hands on technical testing of systems and networks using open source, commercial, or proprietary toolsets
-
Perform Web Application penetration tests using a variety of tools and manual techniques.
-
Have an understanding of how to create unique exploit code, bypass AV and mimic adversarial threats
-
Assess the current state of the client’s network security by identifying all vulnerabilities and security measures
-
Help client perform analysis and mitigation of security vulnerabilities
-
Recommends controls by identifying problems; writing improved procedures
-
Monitors project progress by tracking activity; resolving problems; publishing progress reports; recommending actions
-
Maintains user confidence and protects operations by keeping information confidential
-
Prepares technical reports by collecting, analyzing, and summarizing information and trends
-
Assessments and Social Engineering
-
Research and maintain proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption
-
Understand incident reporting and response capability to perform reviews and provide recommendations
-
Mentor junior and mid-level staff members by creating and teaching latest techniques in ethical hacking and vulnerability analysis
-
Support Director and Business Development Management team during prospective client meetings and proposals
Qualifications
-
Five (5) or more years of professional experience required
-
Experience performing IT Security Assessments, including static, dynamic, and manual assessments preferred
-
Experience leading and managing teams of security consultants preferred
-
Must be able to use at least two of the following proficiently and instruct others on them: Nessus, Burp, Metasploit Framework/Pro, and the Social Engineering Toolkit; or have strong experience with PCI
-
Must have solid working experience and knowledge of Windows and Unix/Linux operating system
-
Familiarity of Network and System architecture analysis required. Fundamentals of network routing & switching and assessing network device configurations required
-
Scripting (Windows/*nix), Bash, Python, Perl, or Ruby is strongly preferred
-
Strong familiarity with OWASP top 10, PTES and NSA Vulnerability and Penetration Testing Standards required
-
Experience with PCI DSS, HITRUST, ISO 27001/2 preferred
Other Knowledge, Skills & Abilities:
-
A strong understanding of web, mobile, and thick client Application Security, static and dynamic testing, and Secure SDLCs
-
A working understanding of application layer vulnerabilities, and the business impact associated with those vulnerabilities
-
A strong desire to be a part of and grow a nationwide, elite IT Security team
-
Strong written and oral communication skills
-
Ability to work in a fast-paced, high-growth environment with multiple high-priorities
-
Approximately 20% out-of-town travel to client locations is typical for IT security consultants
-
Consultants work from their local office when not visiting client locations, or remotely when testing is required out of office hours.
To apply send resume to Norris@FlexSR.com
Attn Sr CSA (JBD0064)