Security Analyst - Pen Tester - Quantum Security｜Meet.jobs

The Ideal Candidate

You are a highly motivated, bright, dynamic and adaptable individual contributor that thrives in an innovative, performance-oriented environment. Continual learning is everything and you want to be a key contributor in a team full of diverse, experienced technology and business professionals. Deep down you have a passion for life, embrace change and thrive in a creative environment. You understand what motivates customers and team members alike and you find solutions to their problems that are economic, strategic and elegant. How would others that you have worked with describe you? Is this you?

Joining the team gives you the opportunity to: work on a disruptive company that’s still in its very early stages, solving challenging problems as it seeks to become the next generation managed security service provider. You’ll work for a hyper-growth company that is focused on delivering the highest quality product in the market where your work has direct impact on customers every day.

Your Purpose

Quantum was born with a simple mission and that’s to protect you from the threats whilst preparing you for the worst. The cyber threats are vast and continue to advance in their techniques and motivations to take your data, extort your company or just cause you harm. We meet with many organizations who have chosen to defend themselves by purchasing tools and hoping they are effective against threats. At Quantum, we start with a strategic risk-based approach and spend the appropriate energy and resources against the biggest risk part of your organization. Additionally, our managed SecOps solution ensures you understand your risk and compliance posture continuously.

We fully understand that no matter how much cybersecurity defense is in front of your data – a breach can occur. Quantum is extremely effective at reducing the likelihood for an incident but as alerts and incidents do happen, we have the proper capabilities to limit its impact, so it doesn’t become a breach. This is achieved with our fully integrated platform, smart queries / rulesets and uses of ML, and team which is obsessed with your protection.

As the Security Analyst - Pen Tester, you are expected to lead and execute security engagements with customers to conduct Vulnerability and Penetration Testing, other related consulting work. You will work closely with the sales teams and support their efforts in pursuing opportunities and providing necessary pre-sales support based on your superior and comprehensive understanding of the cybersecurity threat landscape and potential solutions to mitigate them. You will also work closely with other members of the delivery and execution teams in not only delivering services but also in formulating new offerings based on market needs.

Your Responsibilities

• Participate in Security Assessments and Perform formal penetration tests on web-based applications, networks and computer systems, and
• Conduct physical security assessments of servers, systems and network devices
• Design and create new penetration tools and tests
• Probe for vulnerabilities in web applications, fat/thin client applications and standard applications
• Pinpoint methods that attackers could use to exploit weaknesses and logic flaws
• Employ social engineering to uncover security holes (e.g. poor user security practices or password policies)
• Participate and lead red teaming, fuzzing, source code review and reverse engineering.
• Work on improvements for provided security services, including the continuous enhancement of existing methodology material and supporting assets
• Create measures for customers to eliminate security vulnerabilities
• Incorporate business considerations (e.g. loss of earnings due to downtime, cost of engagement, etc.) into security strategies
• Review and define requirements for information security solutions
• Work on

1. improvements for security services, including the continuous enhancement of existing methodology material and supporting assets
2. ensuring technical aspects and business processes are aligned

• Define and enable specific action plans to attain and maintain compliance to minimum requirements, security standards and project specific requirements.
• Research, document, present and discuss security findings with management and IT teams.
• Provide feedback and verification as an organization fixes security issue.
• Work closely with Sales in design and architecting of comprehensive security solutions for customers.
• Participate in customer facing discussions and workshops to explain   solutions, and approaches to addressing customer risk and security challenges.

Must Have Requirements

• Minimum of 6-7 years’ experience in cybersecurity or related areas.
• Hands on experience of conducting Vulnerability Assessments and Penetration Testing
• Windows, UNIX and Linux operating systems
• C, C++, C#, Java, ASM, PHP, PERL
• Network servers and networking tools (e.g. Nessus, NMAP, Burp, etc.)
• Computer hardware and software systems
• Web-based applications
• Security frameworks (e.g. ISO 27001/27002, NIST, HIPAA, SOX, etc.)
• Experience with various
  • security tools and products such as Fortify, AppScan, Nessus, etc.
  • Vulnerability analysis and reverse engineering
  • Metasploit framework
  • Forensics tools
• Understanding of Cryptography principles
• Good team player, with excellent verbal and written communication skills.
• Experience in
  • analyzing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat
  • Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc.
• Ability to take ownership of an initiative/issue through completion
• Work on accepting all types of change positively and handling changing workloads in response to changing circumstances.

Great To Have Requirements

• Experience in Consulting Assignments to Assess Organizational Security Posture, Develop Security Roadmaps etc.
• Experience in technically supporting sales and customer engagements through presales and other advisory activities.

Formal Education

• Required: Degree in Computer Science, Information Systems, Engineering, Digital Forensics or equivalent qualifications
• Strongly Preferred: Industry certification(s) such as CREST, OCSP, GPEN, are highly desirable.

Information Security Penetration Testing Cyber Security

At Quantum Security, we are adaptable, passionate, collaborative, energetic and innovative.

Benefits and perks of working with us include:

Compensation: Competitive salaries
Lifestyle: Casual dress code
Welfare: Dental insurance, Health insurance, Paid sick days