black lantern security
Attack Surface Management (ASM) Cybersecurity Analyst
Share this job
Job Description
Black Lantern Security is a Services Oriented Company
---------------------------------------------------------
- Black Lantern Security is built around the ingenuity, passion, and determination of our Operators and Analysts
- No one "mastermind"
- No "cult of personality"
- Competitive compensation and benefits
- Healthy work-life balance
- Project-based engagements that play to the team's strengths
Attack Surface Management (ASM) Cybersecurity Analyst ### Location: Remote Travel: Up to 10% travel possible, both domestically and internationally Experience Level: Entry - Mid Level
##### Responsibilities:
- Perform data collection in support of ASM
- Identify vulnerabilities, communicate risk, and verify root cause
- Perform verification/validation testing for vulnerabilities in external-facing web sites, web applications, and services; demonstrate exploitation steps and verify remediation/fixes
- Develop custom tools and small utilities
- Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques
##### Preferences:
* Strong understanding of OWASP common vulnerabilities and testing methodologies * Ability to communicate risks caused by web-based application vulnerabilities * Possess basic cybersecurity professional certifications (Security+, GSEC, SSCP) * Experience with ASM/OSINT tools and utilities (BurpSuite, AMASS, PassiveTotal, SecurityTrails, Nuclei, Recon-NG, GoWitness, MassDNS, Masscan, Censys.io, etc.) ##### Requirements:
- Must be US citizen (must be willing to submit to federal, state, and local background checks as well as other requirements)
- Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws
- Understanding of common web application frameworks and web-based APIs
- Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Solid understanding of Open-Source Intelligence (OSINT) gathering techniques in support of ASM (subdomain discovery/enumeration, service and application enumeration, and content discovery, etc.)
- Ability to manage, organize, analyze, and present substantial amounts of data
- Strong written and verbal English language skills
- Capable of working effectively and efficiently with minimal supervision
Keep looking
Similar Remote IT And Developer Jobs
Hewlett Packard Enterprise | HPE
Pre-Sales Engineer, Cybersecurity
ADG Tech Consulting
Senior Data Engineer - DevOps
Cutsforth
Data Engineer
Ardent Eagle Solutions