Sr Information Security Ana
Sr. Information Security Analyst/ Penetration Tester has at least three (3) years demonstrable professional experience in networking, server infrastructure support or application development and support.
The tester must be able to perform active analysis of the system for any potential vulnerability that may result from poor or improper system configuration, hardware/software flaws, current operational weakness or technical countermeasures.
Penetration Tester must be able to engineer security solutions to protect a variety of users, applications, platforms and computing environments, including development and maintenance of security testing and vulnerability assessment tools, methodology and procedures.
Tester will have solid experience in networking and security including strong knowledge of all elements of LAN and WAN Internet, vulnerability assessments and encryption. He or she should be able to show proficiency with various network, host and application security protocols, tools and vulnerability assessment packages.
The position requires minimal travel and will report administratively to a Manager and will be based in Charlotte, NC.
- Provide support for Enterprise Information Security in the development, implementation, communication and maintenance of penetration and vulnerability management program
- Conducts hands-on security evaluations, threat modeling and penetration testing of applications and systems infrastructure.
- Performs active analysis of the system for any potential vulnerability that may result from poor or improper system configuration, hardware/software flaws, current operational weakness or technical countermeasures.
- Provides reports to management regarding penetration testing results and makes recommendations for the adoption of new policies, standards and procedures.
- Interfaces with user community to understand their security needs and implements procedures to accommodate them.
- Acts as a consultant on all aspects of system and data security.
Accredited degree in Computer Science, related field or equivalent years of experience.
Minimum of three (3) years IT/technical experience is required, to include:
Three (3) or more years of progressive IT support experience
Versed in secure internetworking technologies, such as firewalls, intrusion detection systems, intrusion prevention systems and VPNs as they relate to the external security posture of a client organization.
Possess application knowledge of NIST SP 800-40 v2, 800-41, 800-42 and Open Source Security Testing Methodology.
Possess secure software development experience and/or solid scripting/coding skills.
Possess knowledge of cryptographic standards, ciphers, algorithms and PKI.
- Strong written and verbal communications skills.
Duke Energy - 24 months ago
Duke Energy Carolinas (formerly Duke Power) energizes the Carolinas as well as its parent company's sales. A part of top US power firm...