Attack Surface Management (ASM) Cybersecurity Analyst

Black Lantern Security is a Services Oriented Company

• Black Lantern Security is built around the ingenuity, passion, and determination of our Operators and Analysts
• No one "mastermind"
• No "cult of personality"
• Competitive compensation and benefits
• Healthy work-life balance
• Project-based engagements that play to the team's strengths

Attack Surface Management (ASM) Cybersecurity Analyst Location: Remote Travel: Up to 10% travel possible, both domestically and internationally Experience Level: Entry - Mid Level Responsibilities:

• Perform data collection in support of ASM
• Identify vulnerabilities, communicate risk, and verify root cause
• Perform verification/validation testing for vulnerabilities in external-facing web sites, web applications, and services; demonstrate exploitation steps and verify remediation/fixes
• Develop custom tools and small utilities
• Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques

Preferences:

• Strong understanding of OWASP common vulnerabilities and testing methodologies
• Ability to communicate risks caused by web-based application vulnerabilities
• Possess basic cybersecurity professional certifications (Security+, GSEC, SSCP)
• Experience with ASM/OSINT tools and utilities (BurpSuite, AMASS, PassiveTotal, SecurityTrails, Nuclei, Recon-NG, GoWitness, MassDNS, Masscan, Censys.io, etc.)

Requirements:

• Must be US citizen (must be willing to submit to federal, state, and local background checks as well as other requirements)
• Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws
• Understanding of common web application frameworks and web-based APIs
• Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
• Solid understanding of Open-Source Intelligence (OSINT) gathering techniques in support of ASM (subdomain discovery/enumeration, service and application enumeration, and content discovery, etc.)
• Ability to manage, organize, analyze, and present substantial amounts of data
• Strong written and verbal English language skills
• Capable of working effectively and efficiently with minimal supervision

Apply tot his job Apply To this Job