We are seeking a Senior Security Analyst with 7-12 years of experience to join our award winning team focused on delivering innovative technology solutions spanning mobile, enterprise web and gamification. The position’s primary responsibility is to deliver best in class penetration testing and vulnerability assessment of software and systems, focused on mobile and web applications. The candidate must be able to communicate effectively, demonstrate a high degree of technical qualification, and work across the organization, both performing analysis on systems developed internally, for clients, and by third parties. The candidate will make software assurance testing part of the system development lifecycle across the organization. The candidate will work closely with the cross functional teams, communicate the needs and priorities, and also work with key stake holders to ensure expectations are managed, and the project delivered to satisfaction.
As a Senior Security Analyst, you will:
- Perform vulnerability assessments of networks and systems using a combination of commercial and free/open source tools in order to gauge risks posed by network and system design
- Perform penetration testing of web and mobile applications using a combination of commercial and free/open source tools in order to demonstrate a capability to exploit vulnerabilities present within software and systems
- Create and communicate security analysis reports which combine vulnerability and penetration testing along with security requirement analysis and traceability to demonstrate to internal and external parties the need for improvement
- Develop test plans, system specifications, hardening guides, and other tools to assist in the defense of exposed systems
- Present findings to internal and external parties, including senior management, demonstrating both risks and potential mitigations in a way that all parties can understand and act upon
- Participate in pre-sales support activities such as scoping proposed solutions, resources and risk analysis
- Engage in selection of tools and products to improve capability to deliver these services in the most efficient and cost-effective ways
We’re looking for well-rounded individuals with a deep technical background along with communication and project management experience.
- 5+ years performing penetration testing of web applications
- 3+ years performing penetration testing of mobile applications including both IOS and Android
- Deep technical experience in either open source or enterprise grade commercial tools for vulnerability assessment and penetration testing such as Retina, Core Impact, Qualys, Metasploit, Secunia, and/or Nessus.
- Experience communicating findings and suggested remediation with senior management
- Python and Perl programming experience are required
- System administration experience with both Windows and *nix operating systems
- Experience with common industry vulnerability standards such as OWASP Top 10 and CWE/SANS Top 25
- University degree (or equivalent), advanced degree preferred
- Active security industry certifications such as CISSP and CEH preferred
- 5-12 years full-time experience
- Must possess strong interpersonal skills, a passion for excellence and a “can-do” attitude
- Ability to multi-task, self-direct, and manage deadlines
- Strong analytical skills
10Pearls is a growing, energetic, and highly-reputed product development company that specializes in mobile apps, enterprise software, gamification and great user experiences. Led by an experienced management team, and serving impressive clients, 10Pearls is seeking professionals with entrepreneurial spirits. We seek professionals who thrive on new challenges. Our employees have the unique opportunity of not only helping solve challenges for our clients, but also to help define 10Pearls’ growth and direction. Our unique business practices, culture and immense opportunity for growth help us attract professionals that have an entrepreneurial spirit. 10Pearls‘ diverse clientele includes start-ups and entrepreneurial ventures, high growth small and medium-sized business, as well as, large enterprises and corporations that are publicly traded.
We are an equal opportunity employer and are committed to maintaining a diverse workplace.
If you’re up for the challenge, please send a cover letter and resume via email with the subject line “Senior Security Analyst” to