Gravity IT Resources
Job Title: Sr. Security Specialist
Work Authorization: USC/GC Holder
Job Type: FTE
Our client is the largest healthcare organization in the region, with 12 hospitals, more than 24,000 employees, 4,000 physicians and 100 outpatient centers, urgent care facilities and physician practices spanning across Miami-Dade, Monroe, Broward and Palm Beach counties. It has internationally renowned centers of excellence in cancer, cardiovascular care, orthopedics and sports medicine, and neurosciences. A not-for-profit organization supported by philanthropy and committed to its faith-based charitable mission of medical excellence, our client has been recognized by Fortune as one of the 100 Best Companies to Work For in America and by Ethisphere as one of the World’s Most Ethical Companies.
Everything our client does, it does to the best of its ability. That includes supporting its team with extensive training programs, millions of dollars in tuition assistance, comprehensive benefits and more. Working within its award-winning culture means getting the respect and support you need to do your best work ever.
The qualified candidate will use commercial vulnerability scanners and similar tools to assess host- and network-based vulnerabilities and secure configurations. Capable of determining true threats, false positives, and providing solutions to issues detected in a timely manner. Maintains proficiency in executing common and emerging cybersecurity attack tactics, techniques, and procedures. Develop, update, and maintain standard operating procedures and other technical documentation. Train and mentor junior analysts.
- Bachelor’s degree
- Five years of related work experience, preferably in IT Security, Information Systems, or IT related fields. OSCP, GCIH, GPEN, PenTest+, or CEH a plus.
- Experience in using Tenable.io platform.
- Ability to work in a team environment and collaborate with outside stakeholders to resolve issues.
- Excellent communication, writing, and interpersonal skills.
- Broad information cybersecurity knowledge, including familiarity with common attack methodologies, tactics and protocols, Advance Persistent Threat groups, Hacker activities, etc.
- Understanding of common network vulnerabilities and penetration testing tools and red teaming concepts.
- Assess host and network threats such as computer viruses, exploits, and malicious attacks.
- Capable of determining true threats, false positives, and providing solutions to issues detected in a timely manner.
- Develop, update, and maintain standard operating procedures and other technical documentation.
- Oversee the collecting, analyzing, escalating, responding, and producing documentation to cyber security attacks.
- Oversee the research, testing, and implementation of software and hardware solutions that enhance the capabilities of the cyber security program.
- Advocate for a reduced attack surface in the environment.
- Train and mentor junior analysts.
- Maintain up-to-date knowledge of cybersecurity threats, including – common attack methodologies, indicators of compromise, advanced persistent threat groups, current hacker activities, and adversarial tactics, techniques, and procedures.
- Focuses on career development through self-study online training and attending educational programs.
- Certs: OSCP/GCIH/GPEN/CEH/PenTest+
- Vulnerability scanning
- Pentest/penetration testing
- Webapp/API testing
- Burp/burp suite