A pharmaceutical client in Raritan, NJ is seeking to find a remote Web App Vulnerability Analyst to join their growing Attack Surface Management team in the ISRM IT organization. This team is responsible for server, workstation, and now Web Application vulnerability and remediation, and the goal is to lessen and remedy breach attacks for web apps as well as the infrastructure of servers and platforms. This individual should have some knowledge in programming and expertise with vulnerability scanning solutions since they will participate towards that effort through assessing and creating vulnerability reports. In order to be successful, this person will be cross functionally working with several end user stakeholder and teams to implement security patches and configurations and following compliance standards for security policies. Similarly, they will conduct regular vulnerability assessments using both automated and manual techniques, and updating the website code. This person will also be responsible for analyzing the results of this to prioritize vulnerabilities based on risk and impact, investigating the resolution of the incident and providing root causes, preparing the reports of the activity findings to communicate to non-technical stakeholders, and ensuring overall compliance in industry standards. This person will be designing and executing breach attack simulations to evaluate the effectiveness of security controls and incident response procedures. A qualified candidate will come from a web development background and have a general knowledge of IT Cyber Security. They should have a practical working knowledge of operational security, and have several experiences working on asset vulnerabilities and remediation, including web applications. This person will need to have excellent communication and presentation skills with a knack for problem solving.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
HR@insightglobal.com. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
5+ years of enterprise experience in end point security and vulnerability including light penetration testing, vulnerability assessment, and breach attack simulations.
3+ years of experience utilizing Selenium for authentication, SSO, etc. to drive remediation scanning for internal web applications
Wide breadth of security tool knowledge for vulnerability assessments, detection and platform protection of web applications, like Burp, Zap, Qualys, Insight AppSec, Tenable, and Veracode
Experience with operational web application remediation and security testing, including updating website code
Excellent analytical and problem-solving skills; strong communication skills, both written and verbal; ability to work independently and as part of a team in a fast-paced environment
Experience with scripting and automation (e.g., Python, PowerShell).
Knowledge of network protocols and technologies.
Familiarity with cloud security principles and practices.
Understanding of security architecture and design.
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.