Skip to content
Information Security Senior Analyst – Penetration Testing
| Company | Securian Financial Group |
|---|
| Location | St Paul, MN, USA |
|---|
| Salary | $67000 – $125000 |
|---|
| Type | Full-Time |
|---|
| Degrees | Bachelor’s |
|---|
| Experience Level | Senior |
|---|
Requirements
- A bachelor’s degree in information security, computer science, or a related field, or an equivalent combination of education and experience.
- At least 3 years of experience in cybersecurity, with a focus on penetration testing and cybersecurity risk management.
- One or more professional certifications such as OSCP, OSCE, GWAPT, GSEC, GPEN, GXPN, PenTest+, and CEH.
- Proficiency in penetration testing tools and methodologies, as well as a strong understanding of cybersecurity frameworks and standards.
- Ability to analyze and interpret penetration test results and recommend remediation strategies.
- Strong technical skills and understanding of networking and operating systems.
- Strong problem-solving abilities to identify and recommend cybersecurity risks mitigation.
- Strong project coordination or management skills.
- Excellent written and verbal communication skills, with the ability to collaborate effectively with cross-functional teams and third-party vendors.
- A self-disciplined and initiative-taker.
- Elevated level of diligence, ensuring accuracy and thoroughness in all aspects of the role.
- A commitment to continuous improvement and staying current with the latest cybersecurity trends and technologies.
Responsibilities
- Identify targeted systems to meet regulatory requirements, contractual obligations, and higher risk of compromise.
- Oversee and manage the delivery of penetration tests by engaging certified third-party vendors.
- Review and verify penetration test reports delivered by third-party vendors.
- Collaborate with cross-functional teams to ensure that the corresponding support group remediates the identified security vulnerabilities that align with policies and standards.
- Manage day-to-day operations throughout the risk management lifecycle: identifying, analyzing, evaluating, treating, and monitoring.
- Maintain and enhance the cybersecurity risk register.
- Support cross-functional services within the department as needed.
- Embrace and influence a culture of continuous improvement by evaluating, collaborating, and recommending program and service improvement opportunities.
Preferred Qualifications
- Experience working in a hybrid work environment, demonstrating the ability to effectively manage tasks both remotely and in-person.
- Advanced certifications such as CISSP, CISM, SecurityX, or other relevant cybersecurity certifications.
- Proven record of accomplishment of leading penetration testing projects and managing third-party vendors.
- Strong understanding of regulatory requirements and industry standards related to cybersecurity.
- Experience with advanced penetration testing techniques.
- Demonstrated ability to influence and drive large, complex initiatives within a cybersecurity program.
