Listing Description
Requisition ID:
req192
Job Title:
Penetration Test Analyst
Number of Openings:
2
Job Category:
Professional/Technical
Employment Type:
Regular Full-Time
Shift:
First
Weekends:
Not Required
Location:
Richardson, TX
Duties and Responsibilities:
• Analyzes, designs, and facilitates capabilities, solutions, or preventative/remediation controls to protect proprietary/confidential data and systems in accordance with industry standards and governance/compliance requirements
• Synthesizes solution design, architectural patterns, policy and regulatory frameworks, privacy considerations, and risks in the creation of holistic solutions that span technologies and capabilities
• Develops end-to-end security solutions leveraging existing or new capabilities, patterns, and/or processes
• Works across platforms and technologies to design holistic security designs that treat identified risks and enable strategic and/or tactical business or IT solutions
• Researches/investigates emerging business application security topics, threats, capabilities, and solution options to create/update policy and governance, technology strategies, solution architecture, and vulnerability assessments
• Applies industry standard risk management techniques and knowledge across various business application security capabilities (i.e. technical, application, data and mobile) to determine effectiveness of controls and to create action plans that remediate identified risks
• Demonstrates sound judgment in making decisions with respect to matters of moderate to high complexity and importance
• Assists in budgeting and component/project planning
• Participates in and/or leads vendor product reviews, evaluations, demonstrations, proofs of concept and implementations
• Applies broad-based knowledge of security technologies with an in-depth/specialized knowledge of at least one security tool to perform daily tasks
• Conducts architecture reviews to ensure security issues are appropriately addressed
• Coordinates security related activities
• Keeps abreast of business and IT industry trends and best practices to modify processes to meet changing needs and influence the direction of solutions
• Applies systems analysis techniques, including consultations with users to determine security specifications
Additional Details:
This Analyst position is on the Vulnerability Assessment & Management (VAM) team. The ideal candidates need to have a strong background in Information Security with at least 3-5 years of active Penetration Testing experience. Industry certifications like OSCP, OSCE, GXPN, or GPEN are highly desired.
Primary Assignment:
Help State Farm find & manages vulnerabilities across people, process & tools by leveraging an adversary's Techniques, Tactics & Procedures (TTPs) to find & fix actual gaps in defense-in-depth.
Responsibilities:
*Conduct network, infrastructure and application penetration tests to take the vulnerabilities out of the theoretical realm to truly demonstrate the risk.
*Use existing tools as well as self-created tools to be able to achieve the penetration testing objectives.
*Collaborate with various business partners including, but not limited to the blue teams, lines of business & control owners to make sure the impact of the risk is understood and managed.
*Establish excellent trust with the cyber defenders to make sure assessment activities improve the overall security posture of State Farm.
Previous experiences:
*Previous hands-on penetration testing experience with a focus on application penetration testing in an enterprise environment or a serious lab
environment.
*Excellent understanding of the state of information security, including, but not limited to TTPs of the attackers & techniques used in recent breaches.
*Strong experience in scripting
This position will have a 18-month incumbency period for a lateral move & a 6-month incumbency period for a promotional opportunity (beginning on the effective date of the position) which must be met before the employee can post for any other State Farm position. The incumbency period does not affect the at-will relationship between State Farm & the employee & does not create an employment contract.
SFARM PM18
Apply Here: http://www.Click2apply.net/tyc7zkbcyqkjhbvb
Listing Details
- Citizenship: Us Citizen
- Incentives: Not Provided
- Education: Bachelors Degree
- Travel: No Travel
- Telework: No Telecommute