Security Analyst III
Apply NowCompany: Compunnel Software Group
Location: Madison, WI 53711
Description:
Job Summary:
The Security Analyst IV will lead and execute complex security assessments, including penetration testing, vulnerability scanning, and risk assessments, to identify and mitigate security vulnerabilities. This individual will also be responsible for developing and implementing incident response plans, managing vulnerability management programs, and providing guidance to junior analysts. The role requires expertise in security technologies and methodologies, along with the ability to mentor team members and contribute to the development of security policies and procedures.
Key Responsibilities:
Security Assessments:
Lead and conduct complex security assessments, including penetration testing, vulnerability scanning, and risk assessments, to identify and mitigate potential security vulnerabilities.
Incident Response:
Develop, implement, and lead incident response plans, including containment, eradication, and recovery processes to address security breaches and incidents effectively.
Vulnerability Management:
Manage and continuously improve vulnerability management programs, ensuring timely identification, assessment, and remediation of security weaknesses across the organization.
Leadership and Mentorship:
Serve as a subject matter expert and provide mentorship and guidance to junior analysts, helping them develop their technical skills and security knowledge.
Security Policy and Procedure Development:
Play a key role in the development and implementation of security policies, procedures, and best practices to strengthen the organization's security posture.
Collaboration:
Collaborate with other teams, including network, systems, and application security, to ensure comprehensive security strategies and incident management.
Required Qualifications:
Experience:
8+ years of experience in security assessments, incident response, and vulnerability management.
Technical Skills:
Strong understanding of network protocols, operating systems, and security technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM).
Security Tools:
Proficiency in using security assessment tools and techniques, including penetration testing and vulnerability scanning.
Incident Response Expertise:
Proven experience in developing and leading incident response activities, including containment, eradication, and recovery.
Preferred Qualifications:
Certifications:
Relevant security certifications such as CISSP, CISM, CEH, OSCP are highly desirable.
Security Policy Development:
Experience in developing and implementing security policies and procedures across an organization.
Advanced Security Tools Proficiency:
Familiarity with advanced security tools for threat detection, monitoring, and incident management.
Certifications (if any):
CISSP (Certified Information Systems Security Professional) - Highly preferred.
CISM (Certified Information Security Manager) - Highly preferred.
CEH (Certified Ethical Hacker) - Preferred.
OSCP (Offensive Security Certified Professional) - Preferred.
Education: Bachelors Degree
Certification: Certified Information Systems Security Professional , Certified Information Security Manager , Certified Ethical Hacker , Offensive Security Certified Professional
The Security Analyst IV will lead and execute complex security assessments, including penetration testing, vulnerability scanning, and risk assessments, to identify and mitigate security vulnerabilities. This individual will also be responsible for developing and implementing incident response plans, managing vulnerability management programs, and providing guidance to junior analysts. The role requires expertise in security technologies and methodologies, along with the ability to mentor team members and contribute to the development of security policies and procedures.
Key Responsibilities:
Security Assessments:
Lead and conduct complex security assessments, including penetration testing, vulnerability scanning, and risk assessments, to identify and mitigate potential security vulnerabilities.
Incident Response:
Develop, implement, and lead incident response plans, including containment, eradication, and recovery processes to address security breaches and incidents effectively.
Vulnerability Management:
Manage and continuously improve vulnerability management programs, ensuring timely identification, assessment, and remediation of security weaknesses across the organization.
Leadership and Mentorship:
Serve as a subject matter expert and provide mentorship and guidance to junior analysts, helping them develop their technical skills and security knowledge.
Security Policy and Procedure Development:
Play a key role in the development and implementation of security policies, procedures, and best practices to strengthen the organization's security posture.
Collaboration:
Collaborate with other teams, including network, systems, and application security, to ensure comprehensive security strategies and incident management.
Required Qualifications:
Experience:
8+ years of experience in security assessments, incident response, and vulnerability management.
Technical Skills:
Strong understanding of network protocols, operating systems, and security technologies (e.g., firewalls, intrusion detection/prevention systems, SIEM).
Security Tools:
Proficiency in using security assessment tools and techniques, including penetration testing and vulnerability scanning.
Incident Response Expertise:
Proven experience in developing and leading incident response activities, including containment, eradication, and recovery.
Preferred Qualifications:
Certifications:
Relevant security certifications such as CISSP, CISM, CEH, OSCP are highly desirable.
Security Policy Development:
Experience in developing and implementing security policies and procedures across an organization.
Advanced Security Tools Proficiency:
Familiarity with advanced security tools for threat detection, monitoring, and incident management.
Certifications (if any):
CISSP (Certified Information Systems Security Professional) - Highly preferred.
CISM (Certified Information Security Manager) - Highly preferred.
CEH (Certified Ethical Hacker) - Preferred.
OSCP (Offensive Security Certified Professional) - Preferred.
Education: Bachelors Degree
Certification: Certified Information Systems Security Professional , Certified Information Security Manager , Certified Ethical Hacker , Offensive Security Certified Professional