CyberSecurity Assurance Analyst

at  Elsevier

Cyber Security Assurance Analyst
Are you a security expert looking to develop your career?
Are you a highly skilled Security champion?
About our Team
You as a Penetration Tester will join our Security Assurance team, a vital part of our larger security organization.
About the Role
This position you’ll conduct comprehensive penetration tests on web and cloud environments, identify vulnerabilities, and implement effective mitigation strategies. You’ll work closely with diverse teams across the organization to enhance our security posture.

Responsibilities

• Performing security defect mitigation testing and ensure documented results support remediation efforts.
• Analyzing chronic incidents, abnormal usage, and attack patterns, and tune security telemetry for risk identification, including misuse, fraud, and theft of services.
• Recommending improvements to tools, processes, and applications to optimize security posture, including identifying gaps and proposing solutions to enhance overall security effectiveness.
• Developing and maintaining scripts to automate cybersecurity tasks and processes.
• Contributing to the continuous improvement of the organization’s security practices and policies.
• Conducting and document comprehensive penetration testing (manual and automated) of software and technology across web and cloud environments, including static and dynamic code and system configuration security tests. Create detailed technical security assessment reports based on these tests
• Identifying and assess vulnerability and exploitation risks, developing mitigation and detection methods.

Requirements

• Experience of secure coding practices applications security testing tools and techniques (SAST, DAST) and API Security testing.
• Be able to understand cloud and networking, web-based content delivery platforms and filesystem operation, architecture, patching and security.
• Be able to identify emerging threats, conduct risk assessments, and leverage security intelligence tools
• Possess CISSP, CISM, SANS, GIAC, CCH or related credential for ethical hacking /penetration tester certification, and/or security risk assessment certification.
• Be excellent in oral and written communication skills and interpersonal skills
• Be able to use Python, Bash and/or other Scripting Languages and automation tools for Security testing and management.
• Be able to propose, scope, conduct, report and remediate manual and Automation Testing.

Work in a way that works for you

We promote a healthy work/life balance across the organisation. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

• Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive

Working for you

We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:

• Generous holiday allowance with the option to buy additional days
• Health screening, eye care vouchers and private medical benefits
• Wellbeing programs
• Life assurance
• Access to a competitive contributory pension scheme
• Save As You Earn share option scheme
• Travel Season ticket loan
• Electric Vehicle Scheme
• Optional Dental Insurance
• Maternity, paternity and shared parental leave
• Employee Assistance Programme
• Access to emergency care for both the elderly and children
• RECARES days, giving you time to support the charities and causes that matter to you
• Access to employee resource groups with dedicated time to volunteer
• Access to extensive learning and development resources
• Access to employee discounts scheme via Perks at Work

About the Business
A global leader in information and analytics, we help researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. Building on our publishing heritage, we combine quality information and vast data sets with analytics to support visionary science and research, health education and interactive learning, as well as exceptional healthcare and clinical practice. At Elsevier, your work contributes to the world’s grand challenges and a more sustainable future. We harness innovative technologies to support science and healthcare to partner for a better world.
-
Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form:
https://forms.office.com/r/eVgFxjLmAK
, or please contact 1-855-833-5120.
Please read our
Candidate Privacy Policy

Responsibilities

• Performing security defect mitigation testing and ensure documented results support remediation efforts.
• Analyzing chronic incidents, abnormal usage, and attack patterns, and tune security telemetry for risk identification, including misuse, fraud, and theft of services.
• Recommending improvements to tools, processes, and applications to optimize security posture, including identifying gaps and proposing solutions to enhance overall security effectiveness.
• Developing and maintaining scripts to automate cybersecurity tasks and processes.
• Contributing to the continuous improvement of the organization’s security practices and policies.
• Conducting and document comprehensive penetration testing (manual and automated) of software and technology across web and cloud environments, including static and dynamic code and system configuration security tests. Create detailed technical security assessment reports based on these tests
• Identifying and assess vulnerability and exploitation risks, developing mitigation and detection methods

We promote a healthy work/life balance across the organisation. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.

• Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productiv