- Educational knowledge of, or limited experience executing, ethical hacking and penetration testing.
- Introductory knowledge regarding security vulnerabilities, application analysis, and protocol analysis.
- Strong attention to detail.
- Strong verbal and written communication skills.
- Strong analytical and problem solving skills.
- Practical experience with Linux and Windows operating systems.
- Familiarity with common programming or scripting languages. Knowledge regarding security vulnerabilities, application analysis and network protocol analysis.
- Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools).
- Ability to understand information security risks associated with vulnerability and penetration testing.
- Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice.
- Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
- Bachelor’s degree in Computer Science or related field required.
- At the manager’s discretion, additional relevant experience may substitute for the degree requirement.
- Typically requires 2 years Security Analyst experience with 1+ years experience performing vulnerability assessments and penetration testing.
- Experience applying ethical hacker techniques, phishing schemes, evaluating emerging logical security threats, and compromised server techniques preferred.
- Current CEH, GPEN, CISSP, and GCIA certifications preferred.