Job Description
- Black Lantern Security is a Services Oriented Company
- Black Lantern Security is built around the ingenuity, passion, and determination of our Operators and Analysts
- No one "mastermind"
- No "cult of personality"
- Competitive compensation and benefits
- Healthy work-life balance
- Project-based engagements that play to the team's strengths
Attack Surface Management (ASM) Cybersecurity Analyst
Location: Remote
Travel: Up to 10% travel possible, both domestically and internationally
Experience Level: Entry - Mid Level
- Responsibilities:
- Perform data collection in support of ASM
- Identify vulnerabilities, communicate risk, and verify root cause
- Perform verification/validation testing for vulnerabilities in external-facing web sites, web applications, and services; demonstrate exploitation steps and verify remediation/fixes
- Develop custom tools and small utilities
- Generate comprehensive reports, including detailed findings, exploitation procedures, and mitigation techniques
- Preferences:
- Strong understanding of OWASP common vulnerabilities and testing methodologies
- Ability to communicate risks caused by web-based application vulnerabilities
- Possess basic cybersecurity professional certifications (Security+, GSEC, SSCP)
- Experience with ASM/OSINT tools and utilities (BurpSuite, AMASS, PassiveTotal, SecurityTrails, Nuclei, Recon-NG, GoWitness, MassDNS, Masscan, Censys.io, etc.)
- Requirements:
- Must be US citizen (must be willing to submit to federal, state, and local background checks as well as other requirements)
- Familiarity with common web vulnerabilities including: XSS, XXE, SQL Injection, Deserialization Attacks, Path Traversal Attacks, Remote Execution Flaws, and Authentication Flaws
- Understanding of common web application frameworks and web-based APIs
- Experience with one or more scripting languages such as Bash, Python, Perl, PowerShell, etc.
- Solid understanding of Open-Source Intelligence (OSINT) gathering techniques in support of ASM (subdomain discovery/enumeration, service and application enumeration, and content discovery, etc.)
- Ability to manage, organize, analyze, and present substantial amounts of data
- Strong written and verbal English language skills
- Capable of working effectively and efficiently with minimal supervision
Apply tot his job
Apply To this Job