Job Summary:
A Security Analyst performs vulnerability assessment and penetration testing and reports directly to Sr. Penetration Tester. The security analyst is responsible for mobile and web application security assessments for all Multisys Technologies Corporation Proprietary products and solutions to identify vulnerabilities and security risks – continues security assessment and schedule scanning. Furthermore, he/she focuses on vulnerability identification, prioritization, and reporting across both on-prem and cloud-based system, infrastructure (Cloud), and network devices that span both Multisys Technologies Enterprise and service provider network.

General

Ensures alignment of all Infrastructure, Servers, and Operating Systems with CIS security benchmarks; Identifies code quality for web and mobile applications; Translates technical gaps into business risks and provides technical solutions for remediation to operations teams. Understands the threat landscape related to risks and effectively communicates it to the team; Prepares and presents reports on a daily, weekly, monthly, quarterly, and annual basis as required; Participates in human resources and other company activities; and Performs other assigned tasks.

Vulnerability Assessment

Performs mobile and web application security assessments to identify vulnerabilities and security risks; Conducts continuous security assessment and scheduled scanning. Manages and schedules on-demand scanning using approved vulnerability management solutions; Focuses on vulnerability identification, prioritization, and reporting across on-premises and cloud-based systems, infrastructure, and network devices within the organization and service provider network; Stays updated on intelligence reports regarding newly discovered vulnerabilities and tests the organization's environment for potential impact; and Ensures timely updates on the status of VAPT activities and automated scanning.

Penetration Testing

Conducts attack simulations on mobile and web applications owned and managed by Multisys Technologies Corporation; Performs business logic testing on critical and transactional software, mobile, and web applications; and Validates findings from third-party service providers and responsible disclosures.