Application Security Analyst / PEN Tester / Penetration Tester / vulnerability Engineer (W2 ONLY)
Apply on
Title: Application Security Analyst / PEN Tester / Penetration Tester / vulnerability Engineer
Location: Remote, Candidate has to be based out of East Coast; preferably Orlando (nice to have).
Position is open for Both Full time and Contract
Rate/Salary: Negotiable
W2 Role
Job Summary:
Security Analyst with a strong emphasis on vulnerability management to join our cybersecurity team. The ideal candidate will be responsible for identifying, assessing, and mitigating vulnerabilities within our IT infrastructure, ensuring the security and integrity of our systems and data.
Key Responsibilities:
Conduct regular vulnerability assessments and scans across all systems and applications.
Analyze vulnerability data and prioritize findings based on risk and impact.
Develop and implement remediation plans for identified vulnerabilities.
Collect and Review required evidence for security audits (ISO, PCI, SOX, etc)
Collaborate with engineering and development teams to ensure timely patching and security updates.
Monitor and report on the status of vulnerability management efforts and remediation activities.
Stay up-to-date with the latest security threats, vulnerabilities, and mitigation strategies.
Create and maintain documentation related to vulnerability management processes and procedures.
Assist in the development and execution of security awareness training programs related to vulnerability management.
Participate in incident response activities as needed.
Conduct tabletop exercises to improve security awareness
Document security process, procedure and policies
Qualifications:
Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
2+ years of experience in cybersecurity, with a focus on vulnerability management.
2+ years of experience in systems engineering or application development
2+ years of log analysis and observability tools (e.g. Splunk, Datadog, Appdynamics)
Familiarity with vulnerability assessment tools (e.g., WizIO, Nessus, nmap).
Strong understanding of network security, application security, and security best practices.
Experience with risk assessment methodologies and frameworks (e.g., NIST, CIS, OWASP).
Excellent analytical and problem-solving skills.
Strong communication skills, both written and verbal.
Relevant certifications (e.g., CompTIA Security+, CEH, CISM, CISSP) are a plus.
Cloud technology experience (e.g. AWS, Google Cloud Platform)