Cyber Vulnerability Analyst

122670
Malvern, PA, US

March 12, 2019
To gather information from multiple global threat intelligence sources, identify emerging cyber threats and threat attack methodologies, and identify the people/organizations behind them. To look for, discover, and validate vulnerabilities for rating, ranking and validity of exploitation. To analyze security data and make predictions about cyber criminals.

Duties and Responsibilities

1. Detects and profile existing perimeter and internal system attacks on network and on the endpoint.
2. Analyzes effectiveness of attacks on vulnerable systems to prioritize mitigation and remediation
3. Determines plausible threat actors that facilitate specific attack models/categories that exploit known or unknown weakness in systems.
4. Detects attacks that are currently being facilitated on endpoints and understand how the attack operates in memory and on storage.
5. Works with the forensics team to understand indicators of compromise on successful attacks and create mitigation and remediation strategies
6. Works collaboratively with other cyber crew members on research projects that involve event analysis to complex exploit point analysis
7. Compiles and execute emulated malware to validate attack vectors and risk assignments
8. Works with internal Vanguard managers to define application changes, negotiate priorities and implementation dates, agree on service level standards, and ‘partner’ for success with regards to predefined remediation mandates.
9. Participates in special projects and performs other duties as assigned.

Qualifications

  • Bachelor’s degree or equivalent experience required.
  • Five years of experience performing attack analysis or Red Team penetration testing against operational computer networks including experience in Windows Security, Network Security, Linux/Unix Security, Database security, or Mainframe Security.
  • CEH and CISSP required
  • This is an on-call position and can require working nights weekends and holidays.
  • Must be technical enough to validate any finding that automated tools alert or find
  • Experience with vulnerability scanning tools like Qualys or Nessus.
  • Experience detecting network and OS specific attacks like Windows, Linux, iOS and others
  • Experience with Web Application Pen testing.
  • Experience architecting, writing and compiling simulated malware code to validate vulnerabilities and compromise complexity.
  • Experience with Data Loss Prevention solutions like Digital Guardian, McAfee or Symantec.
  • Demonstrates excellent communication skills, analytical ability, strong judgment, and the ability to work effectively with others.
  • Ability to understand strategic objectives and vision, and work towards those goals.
  • Ability to remain calm and professional while working in a high pressure incident situation.

Special Factors

Vanguard is not offering visa sponsorship for this position.