Pen Test Vulnerability Analyst

An extraordinarily talented group of individuals work together every day to drive TNS' success, from both professional and personal perspectives. Come join the excellence!

Overview

The Pen Test Vulnerability Analyst candidate will support a rigorous testing schedule in collaboration with third-party Penetration Testers in support of customer requirements. The candidate will effectively manage the penetration test events and lead the remediation effort for all test findings. This includes working alongside numerous internal teams with diverse IT disciplines. The ideal candidate will strive to build relationships amongst team members to successfully maintain a security posture in accordance with applicable industry standards.

Responsibilities

Required Skills

• Knowledge of computer networking concepts and protocols, and network security methodologies
• Knowledge of cybersecurity and privacy principles
• Knowledge of cyber threats and vulnerabilities
• Knowledge of application vulnerabilities
• Knowledge of Web Application and API vulnerability scanning
• Knowledge of cryptography and cryptographic key management concepts
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML)
• Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI]
• Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code)
• Knowledge of system administration, network, and operating system hardening techniques
• Knowledge of ethical hacking principles and techniques
• Knowledge of penetration testing principles, tools, and techniques
• Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list)

Qualifications

• Bachelor’s Degree, Information Systems, Computer Science, Information Security or related field required

• 3 – 5 Years security or Information security experience willingness to work in a 24/7 environment.

• 2+ years experience conducting IT compliance assessments (PCI, etc.)

• 1+ years experience in conducting Penetration Testing

• Knowledge of technical infrastructure, networks, applications, and systems in relation to Security

• In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, common exploits

• Global Information Assurance Certification (GIAC) or EC Council Ethical Hacking Certifications preferred.

• Certified Information Systems Security Professional (CISSP), or related certification a plus.

• Exceptional Analytical, problem solving and interpersonal skills

• For this role, we anticipate paying $108,500k-130,800k annually. Any compensation range provided for this role is an estimate determined by available market data. The actual amount may be higher or lower than the range provided considering each candidate’s knowledge, skills, abilities, and geographic location. TNS offers a competitive benefit package including medical and dental coverage, life insurance, paid holidays and vacations, and a 401K plan with company match.”

If you are passionate about technology, love personal growth and opportunity, come see what TNS is all about!

TNS is an equal opportunity employer. TNS evaluates qualified applicants without regard to race, color, religion, gender, national origin, age, sexual orientation, gender identity or expression, protected veteran status, disability/handicap status or any other legally protected characteristic.