Vulnerability Analyst

Chicago, Illinois 60606

Employment Type:
Direct
Date Added:
June 26, 2015

Palace Gate Corporation is currently seeking a Vulnerability Analyst for our premier client in Downtown Chicago. This is a FTE direct hire opportunity.

Duties & Responsibilities:

  • Monitor database audit data, especially HPA (Highly Privileged Access) activities of Oracle 11, MS-SQL and Informix database administrators
  • Partner with IT / Business Leaders, Audit and Compliance to identify database security risks, classify and prioritize those risks, implement controls to reduce or eliminate risks and ensure adherence.
  • Craft access control/ monitoring mechanisms, not limited to; lock out/expire default; unneeded accounts; change default passwords, and; enforce password complexity & expiration policies
  • Analyze vulnerability test reports focused on databases and suggest remediation / mitigation plan.
  • Coordinate, manage and conduct database vulnerability tests and remediation with end users; and participate in dynamic/static application code scans/assessments.
  • Determine deviations from acceptable configurations, enterprise or local policy
  • Keep track of new vulnerabilities on various databases, network and infrastructure components.
  • Utilize both manual methods and automated tools to identify and remediate vulnerabilities
  • Provide technical consultation on application design, architecture and system performance, and evolving technologies
  • Conduct research on and maintain proficiency in computer network exploitation, tools, techniques, countermeasures, and trends in computer network vulnerabilities, network security, and encryption
  • Prepare audit reports that identify technical and procedural findings and provide recommended remediation strategies/solutions for standards such as PCI, ISO 27001 and CoBIT

Qualifications:

  • A minimum 5 -9 years of IT security related experience in software security testing, application security architecture, operating system, network and databases
  • Experience with ticket tracking tools such as ServiceNow or Remedy
  • Experience of Network Security technology in areas of Firewall, IPS, VPN, gateway security solutions (proxy, web filtering)
  • Expert knowledge on VM scanning using tools such as Qualys, Weblnspect, AppScan, Burp Suite, Nessus, NMAP, Veracode and Fortify
  • A minimum 2 years of experience of performing penetration tests using automated security tools and manual techniques.
  • Knowledge of Linux, Unix and Windows platforms

Education & Certifications:

  • One or more relevant security certifications (e.g. GClA, GSNA, GCIH, CEH, GIAC) – Preferred
  • Bachelor's degree in Computer Science, Computer System Engineering or other technical

Qualified candidates may send their resume to: Jennifer@palacegatecorp.com

Palace Gate Corporation is an information technology consulting and full-time placement firm that is committed to the success of our clients and our talented placements alike. Palace Gate is consistent in matching the right people with right opportunity. Our company approach is simple: understand our clients’ requirements, business needs and cultures in order to quickly identify the best resources to meet those needs and achieve business success. Palace Gate Corporation offers full medical and dental insurance, 401K, as well as weekly direct deposit.