GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions and minimize risk. By taking a three-tiered, holistic approach for evaluating security posture and ecosystems, GuidePoint enables some of the nation’s top organizations, such as Fortune 500 companies and U.S. government agencies, to identify threats, optimize resources and integrate best-fit solutions that mitigate risk.
Vulnerability Analysts who work for GuidePoint are knowledgeable and passionate technologists who are self-motivated and self-directed. They are willing to take ownership of and be materially involved in the complete professional services lifecycle, from pre-sales through delivery. Most importantly, they take direction well, function as part of a team, and are willing to learn and absorb new security focused technologies and disciplines. They are passionate about customer service, and invest themselves in fostering and maintaining positive relationships with their customers. Life-long learners, GuidePoint’s analysts are never satisfied with the status quo and constantly challenge themselves to improve, both personally and professionally.
Technical Skills & Knowledge Required:
- Experience with the entire vulnerability management lifecycle, assisting with building and maintaining vulnerability management programs in large and complex environment
- Must have strong experience with Qualys
- Experience performing basic scripting tasks using only what is found in the environment, such as BASH, PowerShell, Python, Perl or other native scripting languages a plus
- Experience with Kenna Security, Nucleus, Brinqa or similar risk management tools a plus
- Experience with ServiceNow integrations a plus
- Experience with Microsoft VM tools a plus
- An understanding of operating systems such as Windows Server, Windows 10/7, Mac OSX, RHEL, and Ubuntu Linux and the ability to perform basic functions at the CLI
- An understanding of networking concepts, protocols and detailed knowledge of how networks function
- A strong understanding of systems design and implementation
- An understanding of how and why vulnerabilities exist and are exploited
- Ability to understand and articulate complex vulnerability information to both technical and non-technical audience
- Ability to quantify true risk of vulnerability findings given environmental and extenuating circumstance
- Ability to interpret vulnerability scan results and build creative remediation strategies to remediate vulnerabilities
- Ability to design compensating controls when technical fixes may not be feasible
- A working knowledge of Application Security and infrastructure specific vulnerabilities such as those included in the OWASP Top 10 (SQL Injection, Cross-site Scripting, etc.)
- Strong written and verbal communication skills
- A strong desire to learn new technologies and contribute to a fast-growing company
Other relevant experience:
- Experience with programming languages such as Python, Java, C, C++, C#, PHP, Ruby or .NET
- Hands on experience hardening systems to benchmarks such as CIS, NIST, etc.
- Experience with enterprise software deployment tools such as SSM, JAMF, BigFix, or Tanium
- Familiarity with other Information Security tools such as Nessus, Kismet, Nmap, Burp, Netsparker, WebInspect, AppScan, Nexpose, Core Impact, Metasploit, etc.
- Bachelor's degree in Computer Science, Engineering, Information Systems / Security or related discipline preferred
Why GuidePoint?GuidePoint Security is a rapidly growing, profitable, privately-held value added reseller that focuses exclusively on Information Security. Since its inception in 2011, GuidePoint has grown to over 700 employees, established strategic partnerships with leading security vendors, and serves as a trusted advisor to more than 3,000 Enterprise-Level customers.
Firmly-defined core values drive all aspects of the business, which have been paramount to the company’s success and establishment of an enjoyable workplace atmosphere. At GuidePoint, your colleagues are knowledgeable, skilled, and experienced and will seek to collaborate and provide mentorship and guidance at every opportunity.
This is a unique and rare opportunity to grow your career along with one of the fastest growing companies in the nation.Some added perks….
- Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
- 100% employer-paid medical and dental premiums with generous employer family contributions
- 11 corporate holidays in 2022 (12 in 2023) and a Flexible Time Off (FTO) program
- Healthy mobile phone and home internet allowance
- Eligibility for retirement plan after 2 months at open enrollment
- Pet Care plan