Understand the concepts of Planning, designing, engineering, development, implementing the vulnerability management process. Provide subject matter expertise around (VA/PT) vulnerability analysis and penetration testing methodologies. Evaluate and implement new technologies, policies, and procedures for business network operations. Perform assessments and prepare reports in support of data network monitoring, improvement, and regulatory compliance.
• Analyze and understand mobile carrier network for security assessment needs.
• Perform security assessments for the exploitation of OWASP top 10 and SANS top 25. Knowledge of cyber security frameworks like NIST, SANS will be added an advantage.
• Perform security design, secure architecture and security testing of current organization infrastructure and needs.
• Perform vulnerability assessments and penetration testing using enterprise and open source tools. Validate results and provide vulnerability evidence procedures.
• Perform PCI internal/external penetration testing and provide recommendations accordingly.
• Perform security engineering tasks and daily security operations to align assessment with assessment standards.
• Perform security assessment audits to make sure that the networking environment is SOX, CPNI and PCI compliant.
• Apply advanced cyber security concepts like threat intelligence, Security automation and IoT.
THE PRECEDING JOB DESCRIPTION INDICATES THE GENERAL NATURE, ESSENTIAL DUTIES, AND RESPONSIBILITIES OF WORK TO BE PERFORMED. IT DOES NOT CONTAIN A COMPREHENSIVE INVENTORY OF ALL DUTIES, RESPONSIBILITIES, AND QUALIFICATIONS REQUIRED TO DO THIS JOB. TO PERFORM THIS JOB SUCCESSFULLY AN INDIVIDUAL MUST BE ABLE TO PERFORM EACH ESSENTIAL DUTY SATISFACTORILY. THE REQUIREMENTS LISTED ABOVE ARE REPRESENTATIVE OF THE KNOWLEDGE, SKILL AND/OR ABILITY REQUIRED. REASONABLE ACCOMMODATIONS MAY BE MADE TO ENABLE INDIVIDUALS WITH DISABILITIES TO PERFORM THE ESSENTIAL FUNCTIONS.
• Bachelor’s Degree or equivalent experience in related technical / business area; Master’s Degree preferred.
• Minimum 4 years relevant work experience
• Certifications like CEH, Security+ will be preferred; Certifications in CISSP, GPEN a plus.
• Demonstrated experience in and knowledge of complementary technical fields (i.e.: data network engineering, operating systems, etc.)
• Excellent problem solving / analytical skills and knowledge of analytical tools
• Excellent written and verbal communication skills.
Assessment Tools (Burp suite, Core Impact, Check point, Metasploit, open source tools). 2 years experience required. Expert proficiency.
VoIP security testing tools and methodologies. 2 years experience required. Expert proficiency.
TCP & IP. 2 years experience required. Average proficiency.
Security Methodologies. 2 years experience required. Above Average proficiency.
Penetration testing and vulnerability analysis (VA/PT). 2 years experience required. Above Average proficiency.
Regulatory compliance/Audit. 1 year experience required. Average proficiency.
U.S. Cellular® is an EEO employer and gives consideration to qualified applicants without regard to race/color/age/religion/sex/sexual orientation/gender identity/national origin/disability/veteran status, pregnancy or genetic information.