YOUR PARTNER FOR A STRONG CAREER IN TECHNOLOGY

Pen Tester/Vulnerability Mgmt in Newport News, VA at APEX Systems

Date Posted: 2/12/2018

Job Snapshot

Job Description

Job #:  821316

If interested, please send resume to Andie at afescemyer@apexsystems.com.  

APPLICATION SECURITY SPECIALIST (MUST HAVE STRONG PENETRATION TESTING AND VULNERABILITY MANAGEMENT)

NEWPORT NEWS, VA

Responsibilities
• Provides subject matter expertise and technical stewardship of Cyber Threat Prevention infrastructure and service offerings, including – but not limited to - vulnerability management, event logging/correlation, and incident response, investigation, and remediation
• Develops automation, integrations, techniques, and processes to shorten detection and remediation cycles, to lower false positives, and to keep the enterprise safe from cyber threats
• Responds to and remediates security incidents quickly
• Ensures that service delivery meets established SLAs
• Reports on service consumption and value delivered to customers
• Supports projects and other initiatives as assigned

Qualifications
• Eight years or more experience on an IT or Information Security team
• Technical background within Information Security or security-related infrastructure, preferably in a cyber threat-related context
• Associate is expected to operate at the expert level across the following areas of technical knowledge and skill:
• Experience with one or more industry-standard SEIM, vulnerability management, or related offerings preferred
• Experience with Security Operation Center functions, including security event and incident handling, incident response (manual and automated), and run book development
• Builds and maintains good working relationships
• Excellent written, oral, instructional, presentation, and interpersonal skills
• Ability to efficiently operate computers, tablets, and mobile devices
• Advanced knowledge of Microsoft Office software (Outlook, Word, Excel, PowerPoint, Access, etc.)
• Broad experience/understanding of IT operations and service delivery model
• Applies in-depth advanced knowledge (principles, theories, and concepts) and skills of a specific/specialized technical area within the context of a similar industry or type of organization
• Certifications not required, but SSCP (Systems Security Certified Practitioner) or CISSP (Certified Information Systems Security Professional) desirable
• Improves and/or adapts work methods based on past personal experiences without the benefit of defined procedures, and identifies solutions to problems through interpretive skills and analyses
• Must be self-motivated, proactive, creative, and efficient in identifying issues, understanding, and proposing solutions
• Knowledge and experience using Agile and Waterfall project methodologies
• Working understanding of the SDLC process and the QA lifecycle and methodology