Job Title: Vulnerability Assessments Analyst
Job Location: Fort Lauderdale, FL (Hybrid - 3 Days Onsite)
Client: Bank
The Role:
The Vulnerability Assessments Analyst - Red Team Contractor role will participate in the Adversary Emulation program by assisting with our Special Projects Tiger Team. This team will be performing internal network and application reconnaissance looking for violations and observations and reporting those up for remediation.
These contractors are required to assist with a Tiger Team effort in response to a regulatory observation around sensitive data being stored by employees.
The contractors will assist with discovery and remediation efforts.
Additional Responsibilities:
Support Citi’s Red Team in Penetration testing reconnaissance of internal data repositories.
Conduct searches of electronically stored data to extract relevant data efficiently.
Prepare data for internal review and reporting.
Reporting on identified findings.
Work closely with data and control owners on remediation.
Demonstratable knowledge of reconnaissance tools and regular expression to identify data.
Conduct root cause analysis on issues and provide guidance on corrective actions leveraging risk and impact action.
Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions.
Assist in assessing risk when making business decisions.
Responsibilities:
Support Citi’s Red Team in Penetration testing reconnaissance of internal data repositories.
Conduct searches of electronically stored data to extract relevant data efficiently.
Prepare data for internal review and reporting.
Reporting on identified findings.
Work closely with data and control owners on remediation.
Demonstratable knowledge of reconnaissance tools and regular expression to identify data.
Conduct root cause analysis on issues and provide guidance on corrective actions leveraging risk and impact action.
Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions.
Assist in assessing risk when making business decisions.
Qualifications:
1-2 years’ experience or equivalent knowledge and exposure are required with most of the following:
Regular Expressions
Scanning Tools
Data Mining Tools
Data Repositories (Confluence, Bit Bucket, Github, etc)
Offensive security testing tools: Cobalt Strike, Red Team Toolkit, etc.
An understanding of OSI model
Security devices: Firewalls, VPN, AAA systems
OS Security: Unix/Linux, Windows, OSX
Understanding of common protocols: HTTP, LDAP, SMTP, DNS
Reporting information security vulnerabilities to the business
Education:
Bachelor’s degree/University degree or equivalent experience
Industry-accredited security certifications preferred but not required (e.g. PNPT, OSCP, GXPN, GPEN, GCIH, GWAPT, GCFA)
Thanks & Regards,
Shubhanshu Gupta| Sr. Technical Recruiter
PSS Technology Inc.
Office: 408-389-3111 Ext. 106
shubhanshu.gupta@psstechnologyinc.com
linkedin.com/in/shubhanshu-gupta-1b4076189