2026-33 Security Analyst
Share
Job Location:
Monthly Salary:
Posted on:
6 hours ago
Vacancies:
1 Vacancy
Job Summary
Job Description:
- Advanced Penetration Testing: Perform comprehensive hands-on penetration tests (Black Box Grey Box White Box) on web applications APIs network infrastructure and cloud environments simulating real-world attack scenarios using tools like Burp Suite Postman and Kali Linux.
- Purple Team & Adversary Emulation: Design and execute targeted operations to test the companys security monitoring detection and response capabilities. Partner closely with the Blue Team to validate fixes and assist in designing preventative security controls.
TTX Technical Design: Design and build technically-grounded attack patterns and injections for strategic company-wide enterprise crisis simulations and focused operational TTXs.
- Vendor & External Testing Management: Lead the creation of detailed Statements of Work (SOWs) and Rules of Engagement (ROEs) for third-party penetration testing vendors managing the full testing lifecycle through final report review and risk acceptance.
- Cross-Functional Risk Communication: Act as a bridge between the technical security team and non-cyber teams clearly articulating technical vulnerabilities as business risks and driving remediation efforts with non-technical stakeholders.
- Vulnerability Reporting & Peer Review: Produce clear detailed and technically accurate reports outlining vulnerabilities the exploit path and risk-rated recommendations. Perform peer reviews of reports from other penetration testers to ensure accuracy and reproducibility.
- Documentation & SOPs: Develop and maintain high-quality operational documentation including Standard Operating Procedures (SOPs) Job Aids and technical runbooks for testing methodologies and post-exercise remediation processes.
- Tool Development: Develop and maintain custom tools and scripts (e.g. Python PowerShell) to enhance the efficiency and scope of security assessments.
Top Skills:
- Seasoned Penetration Testing Expertise: Proven hands-on experience in exploiting vulnerabilities in modern systems including OWASP Top 10 API security flaws (CWE/CVE) and cloud misconfigurations (AWS/Azure/GCP).
- Programming/Scripting: Proficiency in at least one scripting language (Python PowerShell) for automation exploit development and custom tool creation.
- Attack Frameworks: Strong knowledge of Burp Suite Cobalt Strike and other offensive frameworks.
Project Description: Pentesting purple teaming & TTX logic programming/scripting.
- Advanced Penetration Testing: Perform comprehensive hands-on penetration tests (Black Box Grey Box White Box) on web applications APIs network infrastructure and cloud environments simulating real-world attack scenarios using tools like Burp Suite Postman and Kali Linux.
- Purple Team & Adversary Emulation: Design and execute targeted operations to test the companys security monitoring detection and response capabilities. Partner closely with the Blue Team to validate fixes and assist in designing preventative security controls.
TTX Technical Design: Design and build technically-grounded attack patterns and injections for strategic company-wide enterprise crisis simulations and focused operational TTXs.
- Vendor & External Testing Management: Lead the creation of detailed Statements of Work (SOWs) and Rules of Engagement (ROEs) for third-party penetration testing vendors managing the full testing lifecycle through final report review and risk acceptance.
- Cross-Functional Risk Communication: Act as a bridge between the technical security team and non-cyber teams clearly articulating technical vulnerabilities as business risks and driving remediation efforts with non-technical stakeholders.
- Vulnerability Reporting & Peer Review: Produce clear detailed and technically accurate reports outlining vulnerabilities the exploit path and risk-rated recommendations. Perform peer reviews of reports from other penetration testers to ensure accuracy and reproducibility.
- Documentation & SOPs: Develop and maintain high-quality operational documentation including Standard Operating Procedures (SOPs) Job Aids and technical runbooks for testing methodologies and post-exercise remediation processes.
- Tool Development: Develop and maintain custom tools and scripts (e.g. Python PowerShell) to enhance the efficiency and scope of security assessments.
Top Skills:
- Seasoned Penetration Testing Expertise: Proven hands-on experience in exploiting vulnerabilities in modern systems including OWASP Top 10 API security flaws (CWE/CVE) and cloud misconfigurations (AWS/Azure/GCP).
- Programming/Scripting: Proficiency in at least one scripting language (Python PowerShell) for automation exploit development and custom tool creation.
- Attack Frameworks: Strong knowledge of Burp Suite Cobalt Strike and other offensive frameworks.
Project Description: Pentesting purple teaming & TTX logic programming/scripting.
Required Experience:
IC
