Cyber Vulnerability & Pen Tester Analyst III
United States - Remote
Applications have closed
Rackspace
As a cloud computing services pioneer, we deliver proven multicloud solutions across your apps, data, and security. Maximize the benefits of modern cloud.Works autonomously with little to no instruction on daily work and new assignments.Completes moderate volume, high complexity tasks
Highly skilled and able to respond to unique and special situations
Understands the value proposition of the role with the organization and adapts strategy and tasking accordingly
Resolves complex issues where analysis of situations requires an in-depth evaluation of multiple factors
Understands what evaluation criteria and resolution methods and techniques will obtain desired outcomes
Technical escalations and project-oriented / business objective-oriented work
Proactively identifies, adapts, improves, automates, and builds new and existing processes, and identifies the need, mechanism, and implementation plan for new processes, driving for operational efficiency
You Have:
- 5+ years in the information security field
- Subject matter expert-level knowledge of security concepts and how they relate and apply to the business priorities and products
- Strong foundation, or expert-level knowledge, in 3 of the following: System administration, networking, programming, incident response/threat analysis
- Creates and coordinates the strategy to improve the program, and to serve as an escalation point for configuring new platforms and technologies for automated vulnerability assessments
- Performs and recommends tools and strategies for performing vulnerability assessments on servers, workstations, cloud platforms, and other components
You Will:
- Interpret and prioritize vulnerability scan results into remediation actions, and is able to create a reporting structure to enable follow-ups with tracking actions through to completion.
- Familiar with vulnerabilities, remediation, and industry-standard classification schemes (CVE and CVSS) and how to apply data from these to be able to be usable to the business at scale
- Summarizes findings into reports in a clear format that is actionable to business stakeholders
- Lead, formulate and perform tabletop exercises and guides lessons learned and process or tooling improvements based on findings
- Prioritizes missions based on expected value and impact to the organization.
- Strong understanding of common programming or scripting languages such as Python, Bash, PowerShell, or JavaScript to support data collection, organization, and analysis and vulnerability assessments
- Experience with version control systems such as Git, interacting with REST APIs, and configuration management tools such as Ansible
- Familiar with vulnerabilities, remediation, and industry-standard prioritization and classification schemes (CVE, CVSS, vendor criticality and risk scores)
- Postures and contextualizes vulnerability findings and escalates to areas of the business to be addressed as needed
- Understands the technical risk to the business that a vulnerability represents, and articulates this risk to key decision-makers.
- A foundational understanding of the major compliance regulations, such as PCI, HIPAA, HITRUST, or FedRAMP, with a good understanding of the controls surrounding vulnerability management
Education:
- Bachelor's degree in Computer Science, Cybersecurity, or other related major
Certifications:
- At least two advanced security certifications. For example Offensive Security certification (OSCP, OSEE, OSWE), GIAC certification (GCIH, GWAPT, or GPEN), or (ISC)2 certification (CISSP, SSCP, CCSP)
About Rackspace TechnologyWe are the multicloud solutions experts. We combine our expertise with the world’s leading technologies — across applications, data and security — to deliver end-to-end solutions. We have a proven record of advising customers based on their business challenges, designing solutions that scale, building and managing those solutions, and optimizing returns into the future. Named a best place to work, year after year according to Fortune, Forbes and Glassdoor, we attract and develop world-class talent. Join us on our mission to embrace technology, empower customers and deliver the future. More on Rackspace TechnologyThough we’re all different, Rackers thrive through our connection to a central goal: to be a valued member of a winning team on an inspiring mission. We bring our whole selves to work every day. And we embrace the notion that unique perspectives fuel innovation and enable us to best serve our customers and communities around the globe. We welcome you to apply today and want you to know that we are committed to offering equal employment opportunity without regard to age, color, disability, gender reassignment or identity or expression, genetic information, marital or civil partner status, pregnancy or maternity status, military or veteran status, nationality, ethnic or national origin, race, religion or belief, sexual orientation, or any legally protected characteristic. If you have a disability or special need that requires accommodation, please let us know. Position is available for remote work in the following states unless otherwise specified. Alabama, Arizona, Arkansas, California, Connecticut, Delaware, District of Columbia, Florida, Georgia, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Virginia, Washington, West Virginia, Wisconsin, Wyoming.
Tags: Ansible APIs Automation Bash CCSP CISSP Cloud Compliance Computer Science CVSS FedRAMP GCIH GIAC GPEN GWAPT HIPAA HITRUST Incident response JavaScript Offensive security OSCP OSEE OSWE PowerShell Python Scripting SSCP Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Manager Pentest H/F jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Network security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open CI/CD-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs