Security Analyst Tester

Position: Security Analyst / Tester

Location: Marlborough MA
Employment Type: Onsite

Job Description

The Security Analyst/Tester will be responsible for identifying assessing and mitigating vulnerabilities across applications and systems. This role combines technical testing expertise with analytical skills to protect the organizations assets data and operations. The ideal candidate will have hands-on experience with vulnerability assessments penetration testing secure coding principles and incident response procedures.

Key Responsibilities

1. Security Analysis and Testing

• Perform vulnerability scanning penetration testing and code reviews to detect and assess potential threats.

• Conduct application security testing to identify weaknesses in web and backend systems.

• Prepare detailed reports outlining findings risks and recommended remediation steps.

2. Incident Response

• Investigate and respond to security incidents and breaches in real time.

• Analyze the root cause of attacks and develop strategies to prevent recurrence.

• Implement incident management procedures and coordinate cross-functional response teams.

3. Risk Management

• Conduct risk assessments and threat modeling to evaluate exposure levels.

• Monitor infrastructure and networks for suspicious or unauthorized activities.

• Design proactive measures to strengthen the organizations security posture.

4. Security Architecture and Implementation

• Deploy and manage firewalls IDS/IPS systems encryption protocols and antivirus solutions.

• Collaborate with system architects to integrate security-by-design principles.

5. Developer Guidance and Training

• Provide actionable feedback to development teams on secure coding and vulnerability remediation.

• Conduct training sessions and promote cyber hygiene best practices across teams.

6. Compliance and Documentation

• Ensure adherence to regulatory standards and corporate security policies.

• Maintain comprehensive documentation for security activities policies and audit logs.

7. Disaster Recovery

• Develop and execute disaster recovery and business continuity plans.

• Periodically test recovery strategies to ensure system resilience.

Required Skills and Qualifications

• In-depth understanding of IT and cybersecurity principles.

• Hands-on experience in vulnerability assessment penetration testing and secure application development.

• Familiarity with network security tools (firewalls encryption antivirus SIEM solutions).

• Knowledge of data privacy regulations and compliance standards (e.g. ISO 27001 NIST).

• Strong analytical diagnostic and problem-solving abilities.

• Excellent communication and documentation skills.

• Bachelors degree in Computer Science Information Technology or a related field.

• Preferred Certifications: CompTIA Security Certified Ethical Hacker (CEH) CISSP or equivalent.