Senior Cybersecurity Analyst/Pen Tester

** Please Note: this is position is NOT REMOTE and located in Rome NY **

** You must be legally authorized to work in the United States **

Job Summary

The Senior Cyber Security Analyst is responsible for configuring and utilizing an array of different security tools, specifically to provide Compliance Reporting, Alerting, Incident Analysis and Penetration Testing. The Senior Cyber Security Analyst is an architect / implementer of security solutions and works with other engineers and product focused personnel to provide the best possible solution for the client. Emphasis is placed on the ability to thoroughly understand client needs and to make sound recommendations. The Senior Cyber Security Analyst will have responsibility for writing technical reports and document findings as evidence for reporting and Incident Response as required.

Essential Functions:

• Conduct comprehensive network penetration tests for M.A. Polce and our clients, document and present findings.
• Consult with clients to effectively understand technical requirements and translate to a solution
• Able to decipher Security Events and Event correlation using an array of Security Tools (including logs from FMC, Graylog, M365, MDR, EDR, etc.).
• Must follow current compliance procedures, assure clear and accurate documentation, and develop or implement efficient tools and procedures to ensure compliance
• Good organizational skills to maintain documentation and evidence gathering for reporting and Incident analysis
• Configure and utilize various vulnerability scanning and reporting tools
• Work with vendor support to resolve any issues that may arise
• Must be confident in asking questions and bringing attention to concerns that may arise
• Participation in on-call with other members of the team to support Incident Response for client

Desired Skills:

• Experience performing web application penetration tests
• Experience with scripting and programming languages such as Python or PowerShell is a plus

Required Qualifications:

• Minimum 5 years of experience in Cybersecurity
• Proven experience performing network penetration test with a strong background in ethical hacking and offensive security techniques
• Strong documentation skills and writing skills
• Strong analytic skills
• Must be able to obtain and maintain security clearances for clients
• Must be able to drive and travel overnight to support clients

Preferred Qualifications:

• Knowledge and experience in the Security Frameworks: NIST, CSF, RMF, CIS
• Minimum of 3 years' experience with vulnerability scanning and reporting
• Networking knowledge including firewall rules and TCP/IP protocols and ports

Desired certification/ Licensing:

• Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), or Certified Ethical Hacker (CEH)

Education:

• Bachelors of Science degree in Cybersecurity, Computer Science or other Information Technology discipline

Other Requirements:

• Successful background check

Physical/Sensory Demands:

• Stand- Occasionally
• Walk- Occasionally
• Sit- Regularly
• Use Hands- Regularly
• Reach with hands and arms- None
• Climb or Balance- None
• Stoop, Kneel, Crouch or Crawl- None
• Talk/Hear- Regularly
• Taste/Smell- None
• Lift and/or Move (approx. 50#s or less)- Occasionally