SCIGON is seeking a Cyber Security Analyst for a full-time position in Northbrook, IL.
- Conducts security assessments using automated and ad-hoc tools with manual assessment and exploitation as needed.
- Conducts penetration testing against different technological domains including, but not limited to, web and mobile products, embedded and hardware products, wireless products, software, cloud based software, and smart device applications. These technological domains reside in critical infrastructure, nuclear, building automation, lighting, life safety, digital video, large commercial appliances, smart home and automotive.
- Assess and calculate risk based on vulnerabilities and exposures discovered during testing.
- Create required information security documentation, technical reports and formal papers on test findings, and complete requests in accordance with requirements.
- Handle and complete customer projects to the defined requirements in the timeframe required by customer with the highest quality and integrity of work.
- Meet and exceed customer’s expectations with projects and other related tests and activities.
- Demonstrates a deep interest in learning new technology platforms for security testing.
- Keeps abreast of the latest security news, trends, attacks, tools, and techniques.
- University Degree (Bachelor’s degree or higher) in Computer Science or a related discipline plus generally two years’ experience in cybersecurity, software development, or ethical hacking.
- Strong expertise in testing in one or more of the following domains: web and mobile products, embedded and hardware products, wireless products, software, cloud based software, and smart device applications.
- Preferred experience with in critical infrastructure, nuclear, building automation, lighting, life safety, digital video, large commercial appliances, smart home and automotive.
- Experience installing and using various operating systems, application packages, and tools.
- Hands-on experience with commercial and open source security solutions such as: AppSpider, Burp Suite, Metasploit Pro, Nexpose, Nessus, Kali Linux, Synopsys Defensics, Synopsys Coverity, Synopsys Protecode, Raspberry Pi, Arduino, etc.
- Understanding of security issues on various operating systems, web and mobile applications, network components, embedded systems, and databases.
- Experience with one or more programming or scripting languages.
- Knowledge of industry standards and best practices a plus, such as IEEE, IEC, NIST SP 800 series, DISA STIGs, etc.
- Security related certifications a plus: CEH, CISSP, GIAC, OSCP, OSCE