Information Security Analyst
XDIN subsidiary of ALTEN Group, includes 500 employees dedicated to the automotive engineering development. ALTEN is a Leader in Engineering & Information Technology system, and operates in over 21 countries (Europe, North America, Asia, Africa and Middle East) with more than 28,000 employees of which 88% are engineers.
At XDIN, we are always looking for world-class talent to lead our global teams through commitment and dedication to our OEM and Tier I clients. We believe in quality support from concept through production, and delivering the best customer experience while at the same time attaining a great place to work!
- Competitive wages, BOE.
- Major health, dental insurance benefits and vision savings plan. 401k, and basic life.
- Supplemental benefits such as short-term disability, accident, cancer and life insurance.
- Paid company holidays and earned time off.
We place a high value on thought leadership. We want every employee to develop all the skills required to become an engineering and technology thought leader; contributing to the knowledge assets of our team and our clients. From day one, every consultant is trained and mentored to elevate their careers.
- Performs network and application technical vulnerability assessments using vulnerability assessment tools.
- Performs penetration testing activities to detect vulnerabilities and attack chains.
- Utilizes penetration testing skills to conduct analyses to gather deeper situational awareness and provide greater security insight of the environment.
- Lead the Security Awareness efforts, including facilitating presentations on topics of relevance, evaluating and implementing awareness training
- Assist in network security efforts including Data Loss Prevention, Intrusion Prevention and SIEM analysis
- Test security measures including OS patches, system hardening, and application configuration
- Monitor, review and troubleshoot alerts
- Review, interpret and adapt customer, regulatory and corporate security and compliance requirements into technical design options
- Apply knowledge of technical, analytical skills to ensure the confidentiality, integrity, and availability of all information systems assets and ensure compliance with company policies, procedures, contractual, and regulatory requirements.
- Produce security policies, standards, and guidelines
- Perform security research
- Produce security risk advisories based on newly identified threats and risk assessment
- Assist in performing IT audit, third party evaluations, and risk assessment activities
- Bachelor’s degree in Information Technology, Computer Science or a related discipline
- Approximately 3 years’ work experience in Information Security in an enterprise network (Internships and Co-Ops can be included)
- A recognized information security certification or accreditation such as Security+, CISSP, or CEH is a plus.
- Fundamental understanding of penetration testing techniques and technologies
- Fundamental understanding of application development security concepts such as OWASP Top 10 Vulnerabilities
- Fundamental understanding of Active Directory administration and Windows authentication
- Fundamental understanding of security technologies such as SIEM, IDS/IPS, Web filters, two-factor authentication, web application firewalls
- Fundamental understanding of Malware detection, analysis, exploitation, containment, and eradication techniques experience
- Experience with systems analysis including, but not limited to: Gathering requirements from stakeholders, Constructing RFP/RFQs, devising and planning proof-of-concepts, defining use and test cases, driving critical security infrastructure projects, creating cogent status reports for senior management, strong technical understanding of vulnerabilities, and how attackers can exploit vulnerabilities to compromise systems.
- Excellent verbal, written, and presentation skills; in particular, demonstrated ability to effectively communicate technical and business issues and solutions to multiple organizational levels internally and externally as needed
- Knowledge of security frameworks and governance such as NIST, ISO27000 series, HIPAA, GDPR, PCIDSS
- Solid analytical and problem solving skills; ability to think strategically and turn ideas into actions
- Familiarity with Project Management concepts.
- Familiarity with scripting languages such as Python
- Ability to work with little supervision and consistently deliver results
The Location: This opportunity is based in Greensboro, NC.