AscendHire · 9 hours ago
Senior Information Security Analyst
AscendHire is seeking a Senior Information Security Analyst to monitor and enhance their security systems. The role involves performing penetration tests, identifying vulnerabilities, and supporting various security operations activities.
Responsibilities
Perform real-time security log and event analysis and take action to contain and mitigate information security threats. The events will originate from SIEM, DLP, IDS, IPS, antivirus, firewalls, system security logs and user reports.
Conduct manual and automated penetration testing of web applications, APIs, networks, cloud environments, and mobile apps
Simulate real-world cyber-intrusion techniques to identify security vulnerabilities and validate practical exposures/risks
Develop automation workflows, routines and scripts to support advanced testing efforts and remediation validation
Contribute to red team engagements, threat modeling, and purple team exercises
Assist in maintaining existing security systems, such as IPS/IDS, Anti-Virus, EPO, SIEM, NAC and other cyberattack detection and analytics tools; assist with security technologies deployment, configuration, troubleshooting, maintenance, patching/upgrading and decommissioning
Make enhancements to existing monitoring and security operations and contribute to a Continuous Monitoring program framework
Work across teams to accomplish security program goals
Qualification
Required
Strong knowledge of network services, vulnerabilities, exploits, attack vectors and TTPs (Tactics, Techniques, and Procedures)
Proven experience in penetration testing, ethical hacking, or purple teaming
Strong knowledge of OWASP Top 10, MITRE ATT&CK, CVSS, and common exploit techniques
Proficiency with tools like Burp Suite, Metasploit, Nmap, Nessus, Kali, BloodHound, or similar
Familiarity with scripting (e.g., Python, PowerShell) for automation and vulnerability validation
Understanding of IT infrastructure, networking, system internals (Windows/Linux), and web/application security
Strong knowledge of server and desktop operating systems, routers, switches, firewalls and other network equipment
Experience with cloud environments (SaaS, IdP, AWS, Azure, GCP) and cloud security testing
Critical thinking, investigative mindset and ability to conduct root cause analysis
Detail-oriented and able to meet tight deadlines
Excellent written, verbal and interpersonal skills
Highly motivated self-starter with an inquisitive personality
Desire and ability to learn new skills and concepts
Bachelor's degree in related field or discipline
Minimum of 7 years of experience in information security
Preferred
Splunk Administrator or Power User considered a plus
Knowledge of mobile app security vulnerabilities (iOS, Android) and threat modeling a plus
Participation in Capture The Flag (CTF) events or offensive security challenges
Certifications such as GPEN, OSCP, OSEP or similar are highly desirable
CISSP, CISA, CEH, GIAC and other industry certifications considered a plus
Benefits
Bonus
Exceptional Benefits