Cyber Security SME - Security Auditor - Penetration Tester

Yesterday

Apply Now

Receive Emails with Similar Jobs

MBL Technologies Inc.

WebsiteLinkedInAll Job Openings

Information Assurance • Privacy • Enterprise Security • Program Management • cloud security

11 - 50

Description

• MBL Technologies, Inc. offers a diverse set of management and technology consulting services • Support and provide expertise to a successful cyber security program for a federal government customer • Work closely with cross - functional teams, including IT, network engineering, and cyber security • Ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access • Identify vulnerabilities and potential threats, conducting risk assessments, and developing and implementing security solutions to mitigate risks • Involved in incident response, security monitoring, and security policy development

Requirements

• CISM, CISSP, GSLC, CEH, LPT, CPT • U.S. Citizenship • Must possess or be able to obtain a federal background investigation of Tier 4 Critical Non-Sensitive (Form SF 85P) • Bachelor’s degree in business, information technology, or related field of study or 10 years of experience in computer security may substitute for degree • Minimum seven years of experience in cybersecurity • AWS Solutions Architect - Professional (network certified) • AWS Certified Security - Specialty • Splunk Enterprise Certified Architect • Experience with Palo Alto networking • Experience with Webinspect, BurpSuite, Splunk Expert (+), Tenable • Expertise with Sonar Qube (source code analysis, static source code analysis) • Penetration tester experience, knowledge of networking protocols (TCP/IP, SNMP, DNS, DHCP, ISCSI) • Strong in vulnerability analysis. Using Splunk on top of that • Experience demonstrating strong analytical, troubleshooting, and problem-solving skills for cybersecurity • Knowledge of NIST, Zero Trust Architecture and risk management frameworks • Knowledge of Cybersecurity/privacy principles and cyber threats and vulnerabilities • Experience implementing, running, and maintaining tools and/or processes to reliably identify security issues such as SQLi, XSS, CSRF, and business logic flaws across large code bases (SAST, DAST, PenTesting, Security Unit Testing) • Knowledgeable regarding browser security controls (CSP, XFO, HSTS), web application security topics such as OWASP (pen tester) Top 10, and authentication infrastructure (SAML, OAUTH) • Excellent in oral, written, and verbal communication skills

Benefits

• medical, dental, vision, STD, Accident, Life, Hospital Insurance, FSA, HSA, 401K match, professional development stipend • remote work • health and wellness programs • employee discounts • learning and development reimbursement