Sr. IT Security Analyst

This role is responsible for providing risk evaluation, threat modeling, and deep technical expertise on projects and technology products. This role will work closely with the Director of Threat and Vulnerability Management to identify, evaluate, and prioritize potential weaknesses in company infrastructure and applications using both manual and automated methods. This role is highly technical, requiring at least 4 years of experience in information security roles.

Position also available in St Louis, MO and Bloomington, MN

ESSENTIAL FUNCTIONS

  • Lead and mature enterprise vulnerability scanning solutions for a Fortune 25 corporation
  • Educate and mentor cross-functional individuals on identified vulnerabilities and remediation strategies
  • Serve as the SME and advisor for security maturity efforts of key infrastructure platforms
  • Assess level of assurance of critical security tools and drive operational excellence
  • Early informer of critical vulnerabilities and exposures relevant to safeguarding the company’s information assets

QUALIFICATIONS

  • Bachelor’s degree
  • 5 – 8 relevant years of experience
  • Individual has achieved measurable results in maturing vulnerability scanning for a Fortune 500 organization
  • Strong understanding of the attacker kill chain, and commonly used tools and techniques
  • Expertise and experience in securing applications, operating systems, and network infrastructure
  • Expertise in securing fundamental networking protocols: DNS, HTTP, TCP, UDP, TLS, IPSEC, 802.1x, NFS
  • Understanding of risk modeling concepts and frameworks (STRIDE, DREAD, FAIR, etc.)
  • Understanding of common exploitation techniques and mitigations
  • Vulnerability assessment process and tools experience: Nessus, Nexpose, Qualys, Metasploit, Nmap
  • Penetration testing experience and certification (CEH, OSCP, OSWE, CPT) a strong plus

Source:http://jobs.avalonexecutivesearch.com/jobseeker/Sr_IT_Security_Analyst_J02413944.aspx