AI Security Test Analyst

Washington, DC, US • Posted 5 hours ago • Updated 5 hours ago
Contract Independent
Contract W2
5 Years
No Travel Required
On-site
Depends on Experience
Fitment

Dice Job Match Score™

⭐ Evaluating experience...

Job Details

Skills

  • Artificial Intelligence
  • Security QA
  • Security Analysis
  • Nessus
  • Fortify

Summary

We are seeking a Security Test and Evaluation Analyst with experience implementing artificial intelligence (AI) for static and dynamic security application testing, control assessments, and ethical hacking activities. The ideal candidate will have deep expertise with traditional security test and evaluation practices, activities, and technologies. The ideal candidate will also have experience working with a variety of AI technologies and models for security test and evaluation. This position will require the development and delivery of AI-enabled security test and evaluation processes, tools, and capabilities.

Key Responsibilities

·        Implement comprehensive security tests that include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation) and other security assessment activities (e.g., static or dynamic code review, system architecture diagram review, control evaluation) to demonstrate or emulate an adversary’s ability to gain unauthorized access to sensitive data and systems that reside in either local (on-premises) or cloud computing solutions.

·        Conduct security assessment activities and design approaches to augment with AI enhancements (e.g., static or dynamic code review, system architecture diagram review, control evaluation).

·        Implement AI-enabled solutions for security test and evaluation and adapt existing processes to integrate emerging AI capabilities into standard operations.

·        Provide key requirements, observations, design suggestions, and artifacts to inform the development of AI technologies that will support the adoption of AI technology to establish a security test and evaluation program.

·        Conduct scenario-based and functional security testing during authenticated and unauthenticated testing and identify and deliver solutions that leverage AI for these capabilities.

·        Analyze the output of AI models designed to identify and probe vulnerabilities in hardware, software and cloud-resident systems and suggest remediation strategies to reduce risk and close gaps.

·        Abide by all governance and standards as defined by the Organization or levied by external entities to remain compliant with all requirements when implementing AI solutions.

·        Develop analytic products and reports that demonstrate the effectiveness of AI-enabled security test and evaluation practices to include metrics and technical reports.

Required Qualifications

·        5+ years of hands-on security test and evaluation experience that includes use of technologies such as Tenable Nessus, GitLab vulnerability scanning features, Fortify, Invicti, Mandiant MSV, Kali Linux, Wiz, etc.

·        3+ years of hands-on security test and evaluation experience that includes cloud resident technologies in Amazon Web Services, Microsoft Azure, ServiceNow, etc.

·        Experience implementing comprehensive security tests to include all phases of the ethical hacking process (e.g., reconnaissance, footprinting, scanning, exploitation, and post-exploitation).

·        Hands on experience implementing AI solutions for security test and evaluation.

·        Experience analyzing data and software to identify and test security gaps and vulnerabilities for exploitability.

·        Experience collaborating with key stakeholders to assess, prioritize, and develop actionable plans to address the discovered gaps.

Preferred Qualifications

·        Demonstrated experience leverage AI-enabled capabilities for security test and evaluation activities in a hybrid environment.

·        Deep understanding of network protocols, configurations, security technologies, and security practices, including network security, operating system hardening, database security, and web application security for both local (on-premises) and cloud computing solutions.

·        Deep understanding of common vulnerabilities and attack vectors, including experience identifying and exploiting vulnerabilities in operating systems (e.g., Windows, Linux, and macOS), network devices (e.g., firewalls, routers, and switches) and web applications and application program interfaces (e.g., SQL injection, cross-site scripting and cross-site request forgery).

·        Experience operating in government environments that follow NIST, FISMA, FedRAMP, and OMB guidance.

___________________________________________________________

No Phone calls Please

Please apply with your resume in a word file including all your contact details

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
  • Dice Id: 10120268
  • Position Id: ADJE2645
  • Posted 5 hours ago
Contact the job poster
Prasad Nagaraj

Prasad Nagaraj

Principal @ Advance Digital Systems
Create job alert
Set job alertNever miss an opportunity! Create an alert based on the job you applied for.

Similar Jobs

Washington, District of Columbia

Today

Full-time

USD 39.00 - 75.00 per hour

Washington, District of Columbia

Yesterday

Easy Apply

Contract

Depends on Experience

Washington, District of Columbia

Today

Easy Apply

Contract

Depends on Experience

Washington, District of Columbia

Today

Easy Apply

Contract, Third Party

Depends on Experience

Search all similar jobs