Plan, design, engineer, develop, implement vulnerability management process and define procedures to implement the process. Provide subject matter expertise around vulnerability analysis and penetration testing (VA/PT) methodologies. Evaluate and implement new technologies, policies, and procedures for business network operations. Perform assessments and prepare reports in support of data network monitoring, improvement, and regulatory compliance.
* Analyze and understand mobile carrier network for security assessment needs. * Lead security assessments for the exploitation of OWASP top 10 and NIST CSF 1.1. Lead security posture evaluation and security architecture review of current infrastructure and future solutions. * Perform vulnerability assessments and penetration testing using enterprise and open source tools. Validate results and provide vulnerability evidence procedures. * Perform PCI internal/external penetration testing and provide recommendations accordingly. * Perform Physical security audit for facilities and document findings to provide recommendations. * Analyze the security engineering and security operations tasks to align with assessment standards. * Develop security assessment standards and reports to ensure organization's compliance with CPNI and PCI regulations. * Analyze the current network security trends and suggest the improvements accordingly. * Coordinate threat hunting activities across the network leveraging intelligence from multiple internal and external sources, as well as cutting-edge security technologies * Design and build custom tools for investigations, hunting, and research * Assist in the design, evaluation, and implementation of new security technologies
THE PRECEDING JOB DESCRIPTION INDICATES THE GENERAL NATURE AND ESSENTIAL DUTIES AND RESPONSIBILITIES OF WORK PERFORMED. IT DOES NOT CONTAIN A COMPREHENSIVE INVENTORY OF ALL DUTIES, RESPONSIBILITIES, AND QUALIFICATIONS REQUIRED TO DO THIS JOB.
* Bachelor's degree in related technical / business area or equivalent work experience * Minimum 6 years relevant work experience * Demonstrated experience in and knowledge of complementary technical fields (i.e. data network engineering, operating systems, etc.) * Excellent problem solving / analytical skills and knowledge of analytical tools * Excellent written and verbal communication skills
Required Technical Skill - Years and Experience Proficiency:
Assessment Tools (Burp suite, Core Impact, Check point, Metasploit, open source tools) - 4 Expert
VoIP security testing tools and methodologies - 4 Expert
TCP & IP - 3 Average
Security Methodologies - 2 Above Average
Penetration testing and vulnerability analysis (VA/PT) - 3 Above Average
Regulatory compliance/ Audit - 1 Average
* Masters preferred * Certifications in CEH, LPT, GPEN preferred; Certifications in CISSP,CISM a plus * Knowledge of cyber security frameworks like NIST, SANS will be added an advantage. * Advanced cyber security concepts like threat intelligence and IoT a plus. * Knowledge of cellular technologies (3GPP) like 3G CDMA, 4G LTE, and VoLTE a plus.
Job : Engineering
Location(s) : Illinois-SCHAUMBURG_IL
U.S. Cellular® is an EEO employer and gives consideration to qualified applicants without regard to race/color/age/religion/sex/sexual orientation/gender identity/national origin/disability/veteran status, pregnancy or genetic information.
About U.S. Cellular
At U.S. Cellular, we're not just in the business of connecting calls, we're in the business of connecting people.