Returning Candidate?

Cyber Vulnerability Analystand Penetration Tester(II)

Cyber Vulnerability Analystand Penetration Tester(II)

Req # 
US-TX-San Antonio
Cyber Security

Job Overview

Overview & Responsibilities


  • Responsible for conducting vulnerability assessment scans, assisting with penetration testing, exposing security vulnerabilities and risks, and recommending solutions to mitigate such vulnerabilities.
  • Contributes to building and delivering services, solutions and processes that enable security defects to found, fixed or avoided before applications are released to production.
  • Tracks public and privately released vulnerabilities and assists in the corporate triage process including: identification, criticality evaluation, remediation planning, communications, and resolution.
  • Conducts vulnerability assessment scans, exposing security vulnerabilities and risks and recommending solutions to mitigate such vulnerabilities.



  • Assists with mobile black box testing, source code analysis, manual pen testing, and vulnerability assessments.
  • Prepares reports on vulnerability and penetration testing and works with business units to develop remediation plans.
  • Keeps up with the changing nature of security threats.
  • Schedules and executes vulnerability/ penetration testing.
  • Contributes to the corporate vulnerability triage process.
  • Works closely with the Risk Management, ISOC and Intel teams.
  • Researches and investigates new and emerging vulnerabilities and participate in external security communities.



  • Educational knowledge of, or limited experience executing, ethical hacking and penetration testing.
  • Introductory knowledge regarding security vulnerabilities, application analysis, and protocol analysis.
  • Strong attention to detail.
  • Strong verbal and written communication skills.
  • Strong analytical and problem solving skills.
  • Practical experience with Linux and Windows operating systems.
  • Familiarity with common programming or scripting languages. Knowledge regarding security vulnerabilities, application analysis and network protocol analysis.
  • Knowledge of methods for on-going evaluation of the effectiveness and applicability of information security controls (e.g., vulnerability testing, and assessment tools).
  • Ability to understand information security risks associated with vulnerability and penetration testing.
  • Ability to analyze vulnerabilities in order to appropriately characterize threats and provide remediation advice.
  • Familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).



  • Bachelor’s degree in Computer Science or related field required.
  • At the manager’s discretion, additional relevant experience may substitute for the degree requirement.
  • Typically requires 2 years Security Analyst experience with 1+ years experience performing vulnerability assessments and penetration testing.
  • Experience applying ethical hacker techniques, phishing schemes, evaluating emerging logical security threats, and compromised server techniques preferred.
  • Current CEH, GPEN, CISSP, and GCIA certifications preferred.