Senior Security Analyst
Remote
Applications have closed
Flashpoint
Flashpoint is a data and intelligence company that empowers our customers to take rapid, decisive action to stop threats and reduce riskCompany Description:
Trusted by governments and the Fortune 500, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks such as cyber threats, ransomware, fraud, physical threats, and more. Leading security practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps and vendor risk management teams—rely on Flashpoint's intelligence platform to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. To learn more about Flashpoint, visit https://www.flashpoint.io or follow us on Twitter at @FlashpointIntel.
What we are looking for:
This role is for a resourceful senior level security analyst to perform vulnerability assessments and penetration testing activities, leveraging internal and external tools, automating tasks and analysis with scripting, and assessing and communicating risks of findings via written analysis.
What you will do:
- Assess infrastructure for vulnerabilities and provide findings at direction of clients
- Work with internal and customer teams to develop and implement red team exercise plans within legal and policy frameworks
- Obtain malicious tools or software provided by threat actors intending to target customer networks or users, and collaborate with customers to test and document TTPs
- Develop and maintain tools and techniques for vulnerability research, exploit development, red teaming, and adversarial simulation.
- Track and report on malware campaigns, threat actor groups, and TTPs by identifying malicious infrastructure
- Work with our internal teams and tools to analyze the latest malware and vulnerabilities, and identify links between them
- Produce concise, written analysis and/or visual presentation of findings to communicate potential risks and impact
- Quickly understand and deliver on company and customer requirements
- Write high quality tactical and strategic assessments to inform risk intelligence decision making process
- Mentor junior team members and contribute to their development
What you will bring:
- 3+ years experience in penetration testing, red teaming, vulnerability analysis, or exploit development
- Experience with OWASP Top 10
- Experience analyzing vulnerabilities, exploit code, and malware
- Strong scripting and task automation skills in Python or similar scripting languages
- Familiarity with PHP, C, .Net, Go, and other similar languages.
- Familiarity with Indicators of Compromise (IOCs) and mitigation strategies to protect client networks from them
- Proficient utilizing open source command line tools, internally built tools, or external industry standard tools to find relevant data or risks
- Strong analytical and writing skills, with ability to rapidly and accurately break down technical topics and effectively assess and communicate risks and potential impacts to a wide variety of audiences
What else would be great:
- Experience as part of a red team or purple team in a corporate environment, or performing red team exercises on behalf of corporate clients
- Experience with incident response or reverse engineering
- OSCP, OSCE, OSEP, GREM, GPEN, GXPN, GWAPT, CEPT, or equivalent advanced security certification a plus
- Proficiency in Russian, Chinese, Spanish, or other languages highly desirable
- Familiarity with the deep and dark web or illicit communities
Why Flashpoint is a Great Place to Work:
- Diversity. Flashpoint is committed to fostering, cultivating and preserving a culture of diversity, inclusion, belonging, and equity. We recognize that diversity is key to achieving our vision. We believe that every person and their experiences contribute to building a work environment and products and services that will change the world.
- Culture and Belonging. Our company’s culture isn’t something you join, it’s something you build and shape, and each person's unique backgrounds and experiences contribute to who Flashpoint is and will become. You will have ample opportunities to connect with coworkers through various communication channels and company-funded virtual events: book clubs, happy hours, committees, DIBE discussion group, Donut mixers, local team member meetups and much more.
- Perks. Flashpoint understands that personal wellness is one of the keys to a happy, healthy and productive work environment. That’s why we also prioritize health and wellness perks like gym reimbursements, expensed lunches, cool cultural initiatives and inclusive employee events.
- Career Growth. Flashpoint is invested in the growth of our team members and understands that frequent, two-way feedback is critical to that growth. We encourage regular one-on-ones with your manager, a regular schedule of performance reviews, learning and development opportunities, and guidance through formalized career paths; whether that be towards being a great manager, being a great individual contributor, or a lateral move to gain breadth of knowledge and experience.
- A Great Place to Work. Literally. According to the 99% of employees surveyed, Flashpoint earned designation as a Great Place to Work-Certified™ Company for 2021. 100% of employees agree that new hires are made to feel welcome and appreciated. If you are interested in learning more, please check out our Certified Profile.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation C DevSecOps Exploit GPEN GREM GWAPT GXPN Incident response Malware Open Source OSCE OSCP OWASP Pentesting PHP Python Red team Reverse engineering Risk management Scripting Threat intelligence TTPs Vulnerabilities Vulnerability management
Perks/benefits: Career development Startup environment Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Staff Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Principal Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Security Researcher jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Specialist jobs
- Open Information System Security Officer (ISSO) jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open CISM-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open IAM-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open EDR-related jobs
- Open Malware-related jobs
- Open APIs-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open DevSecOps-related jobs