Cyber Vulnerability & Pen Tester Analyst III

United States - Remote

Full Time Senior-level / Expert
Rackspace logo
Rackspace
As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.
Apply now Apply later

Overview: In this role, you will lead Rackspace’s vulnerability management program by developing and driving strategic initiatives to improve the program through expansion of risk exposure capabilities and operational rigour related to vulnerability scanning, segmentation validation, remediation guidance, automation, and integration with IT systems and partnership with other teams.
Works autonomously with little to no instruction on daily work and new assignments.Completes moderate volume, high complexity tasks
Highly skilled and able to respond to unique and special situations
Understands the value proposition of the role with the organization and adapts strategy and tasking accordingly
Resolves complex issues where analysis of situations requires an in-depth evaluation of multiple factors
Understands what evaluation criteria and resolution methods and techniques will obtain desired outcomes
Technical escalations and project-oriented / business objective-oriented work
Proactively identifies, adapts, improves, automates, and builds new and existing processes, and identifies the need, mechanism, and implementation plan for new processes, driving for operational efficiency

You Have:

  • 5+ years in the information security field
  • Subject matter expert-level knowledge of security concepts and how they relate and apply to the business priorities and products
  • Strong foundation, or expert-level knowledge, in 3 of the following: System administration, networking, programming, incident response/threat analysis
  • Creates and coordinates the strategy to improve the program, and to serve as an escalation point for configuring new platforms and technologies for automated vulnerability assessments
  • Performs and recommends tools and strategies for performing vulnerability assessments on servers, workstations, cloud platforms, and other components

You Will:

  • Interpret and prioritize vulnerability scan results into remediation actions, and is able to create a reporting structure to enable follow-ups with tracking actions through to completion.
  • Familiar with vulnerabilities, remediation, and industry-standard classification schemes (CVE and CVSS) and how to apply data from these to be able to be usable to the business at scale
  • Summarizes findings into reports in a clear format that is actionable to business stakeholders
  • Lead, formulate and perform tabletop exercises and guides lessons learned and process or tooling improvements based on findings
  • Prioritizes missions based on expected value and impact to the organization.
  • Strong understanding of common programming or scripting languages such as Python, Bash, PowerShell, or JavaScript to support data collection, organization, and analysis and vulnerability assessments
  • Experience with version control systems such as Git, interacting with REST APIs, and configuration management tools such as Ansible
  • Familiar with vulnerabilities, remediation, and industry-standard prioritization and classification schemes (CVE, CVSS, vendor criticality and risk scores)
  • Postures and contextualizes vulnerability findings and escalates to areas of the business to be addressed as needed
  • Understands the technical risk to the business that a vulnerability represents, and articulates this risk to key decision-makers.
  • A foundational understanding of the major compliance regulations, such as PCI, HIPAA, HITRUST, or FedRAMP, with a good understanding of the controls surrounding vulnerability management

Education:

  • Bachelor's degree in Computer Science, Cybersecurity, or other related major

Certifications:

  • At least two advanced security certifications. For example Offensive Security certification (OSCP, OSEE, OSWE), GIAC certification (GCIH, GWAPT, or GPEN), or (ISC)2 certification (CISSP, SSCP, CCSP)

About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future.  More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know.  Position is available for remote work in the following states unless otherwise specified. Alabama, Arizona, Arkansas, California, Connecticut, Delaware, District of Columbia, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming.
Job region(s): Remote/Anywhere North America
Job stats:  32  3  0
  • Share this job via
  • or

Explore more Information Security career opportunities