S&S Senior Security Analyst

DUTIES: Conduct penetration testing and UL 2900 certification-based testing against different technological domains including, but not limited to, web and mobile products, embedded and hardware products, wireless products, software, and smart device applications. Conduct vulnerability testing, risk analyses and security assessments. Conduct cyber security testing on IoT devices such as Medical and Industrial Control Equipment. Provide advisory services on security design, controls, and risk management. Assess, calculate, document, and communicate risk based on the vulnerabilities and exposures discovered during testing. Perform audit assessments and gap analysis. Perform custom penetration testing projects, including grey/white box penetration testing to circumvent risk controls and security configurations by exploiting vulnerabilities to gain unprivileged access or cause the product to malfunction. Create and deliver project deliverables, information security documentation, technical reports and formal papers on test findings, and complete requests in accordance with requirements. Communicate with clients and explain identified issues and non-compliances, explain requirements of compliance with UL cybersecurity certificates, and advise regarding resolution or mitigation of threats and risks discovered during testing. Learn new computer technology platforms for security testing and forensics, and keep abreast of the latest security news, trends, attacks, tools, and techniques. Develop and present information security training in order to train clients on cybersecurity standards, best practices, and different types of attacks that can occur. 100% telecommuting allowed from anywhere in the United States.

MINIMUM REQUIREMENTS: Master’s degree in Computer Science, Computer Engineering, or related field and 2 years of experience. Must have work experience in each of the following: 1) conduct cyber security testing on IoT devices such as Medical and Industrial Control Equipment; 2) leverage knowledge of testing products for CVEs and CWEs; 3) conduct fuzz testing on IoT devices; 4) conduct penetration tests on network connected equipment; and 5) conduct security assessments on embedded medical devices such as pumps, syringes, dialysis systems, surgical robotic hands, wireless devices, web servers and mobile applications to be evaluated and tested for vulnerabilities, security misconfigurations, and software weaknesses. 100% telecommuting allowed from anywhere in the United States.

Salary Range:  $98,946 - $181,800/year

#LI-DNI

A global leader in applied safety science, UL Solutions (NYSE: ULS) transforms safety, security and sustainability challenges into opportunities for customers in more than 110 countries. UL Solutions delivers testing, inspection and certification services, together with software products and advisory offerings, that support our customers’ product innovation and business growth. The UL Mark serves as a recognized symbol of trust in our customers’ products and reflects an unwavering commitment to advancing our safety mission. We help our customers innovate, launch new products and services, navigate global markets and complex supply chains, and grow sustainably and responsibly into the future. Our science is your advantage.