Careers

Summary

This is your opportunity to join a growing, industry-leading, security team. Utilize and build your Threat Hunting capabilities as a technical leader and collaborator in our Security Operations Center. We are adding the best and brightest to protect our local, regional, national and international customers’ networks, logs and endpoints!

Job Description

The candidate will perform both host-based and network-based forensic investigations after correlating events from the analyst console tool as part of our monitoring service. The analyst will use static and dynamic malware analysis to repeatedly identify detectable indicators of compromise, as well as other threats to enterprise environments, and work with the team to develop countermeasures.

The candidate will also utilize their experience to work with the team to resolve issues, tweak current processes, and develop/improve existing work instructions.

Qualifications

• Must have excellent oral and written communication skills.
• Must have experience with network administration.
• Must have deep knowledge of information security, IPv4/v6 networks, network devices, IDS/IPS and security monitoring tools.
• Ability to communicate technical problems to a diverse audience at the correct level of communication.
• Possess the desire to grow both technically and professionally in the information security field.

Education

Degree in Computer Science, Engineering, or a related technical discipline or equivalent experience

Other Qualifications

Responsibilities:

• Monitor our clients’ network, log and endpoint solutions to quickly identify true positives.
• Work with other team members and client representatives to inform, educate and remediate issues.
• Conduct malware and threat intelligence research to continuously improve our team of analysts through training sessions.
• Provide associated trainings and educational briefings to our clients to allow them to leverage the Power of Pondurance.
• Serve as an escalation point for alerts, tickets and analysis.
• Manage a portfolio of our clients to ensure processes, documentation, SLAs, etc are known, documented and followed.
• Mentor and educate the next generation of security leaders.

Apply Now

Summary

As a Security Analyst at Pondurance you will serve as a support system for lead analysts on cyber threats, evaluate and report on client’s network traffic and system logs; in an effort to help mitigate their risk of attack, as well as immediately contain threats that do penetrate their defenses.

Job Description

The successful candidate will assist in Incident Detection and Response as well as Vulnerability Management for our Threat Management Solution clientele. The candidate will also be able to analyze IOCs and work with the team to develop countermeasures. The candidate will also be will be required to work with the team to resolve issues, tweak current processes, and improve existing work instructions. The candidate will also need to research new threats to an enterprise environment and work with the team to develop effective countermeasures.

Qualifications

• Perform threat hunting on client’s networks and logs, looking for attacker presence
• Serve as support to lead investigator on Digital Forensics Incident Response to include performing forensic analysis, implement incident response procedures, and analyze malware as it presents itself
• Identify and attack vectors, threat tactics and attacker techniques
• Understand customers’ intelligence needs and wants
• Regularly assist with the review and provide reports on observed threats.

Education

The Security Analyst position requires a Bachelor’s degree or 1 to 3 years of experience in a related field.

Other Qualifications

• Knowledge of threat hunting and incident response procedures
• Knowledge of Intrusion Detection System (IDS) / Intrusion Prevention System (IPS) tools and applications
• Knowledge of network forensics and host-based forensics is a plus
• Strong understanding of OS behaviors
• Experience and knowledge of information security, IPv4/v6 networks, network devices,

proxies, IDS/IPS, and monitoring tools

• Demonstrate experience with one or more of the following: packet capture (PCAP) analysis using Wireshark or similar tools, familiarity with commercial or open source log or SIEM solutions, event analysis, correlation, reporting, alerting, and host-based analysis/detection, service discovery tools such as Nmap and vulnerability scanning tools such as Nessus, Nexpose, and/or Qualys. *Endgame knowledge is a plus
• Experience with system or network administration (Unix/Linux experience preferred)
• Experience with electronics social engineering exercises and campaigns, using social media, email, and phone
• Skill in evaluating information for reliability, validity, and relevance
• Skill in securing network communications
• Ability to recognize and analyze malware
• Ability to exercise judgement when policies are not well-defined
• Ability to adjust and adapt in a fast pace and dynamic environment.
• Ability to communicate technical problems, vulnerability, and risk into a business

context understood by the client

• Ability to make sound decisions and possess excellent problem-solving skills
• Demonstrate strong composure with a balance of urgency and intensity, as well as

focus

• Possess the desire to grow both technically and professionally in the information

security field

Apply Now

Summary

This is your opportunity to join a growing, industry-leading, security team. Utilize your knowledge and experience and build your Threat Hunting capabilities as a Security Analyst in our Security Operations Center. We are adding the best and brightest to protect our local, regional, national and international customers’ networks, logs and endpoints!

Job Description

A great opportunity for candidates with fewer than two years experience but who have a thirst for knowledge. Pondurance builds security leaders!

The candidate will perform both host-based and network-based forensic investigations after correlating events from the analyst console tool as part of our monitoring service. The analyst will use static and dynamic malware analysis to repeatedly identify detectable indicators of compromise, as well as other threats to enterprise environments, and work with the team to develop countermeasures.

The candidate will also utilize their experience to work with the team to resolve issues, tweak current processes, and develop/improve existing work instructions.

Qualifications

• Must have excellent oral and written communication skills
• Exposure to system or network administration (Unix/Linux experience preferred)
• Experience and knowledge of information security, IPv4/v6 networks, network devices, proxies, IDS/IPS, and monitoring tools
• Able to demonstrate experience or exposure to the following:
  • Packet Capture (PCAP) analysis using Wireshark
  • Commercial or open source log or SIEM solutions
  • Event analysis, correlation, reporting, and alerting
• Ability to communicate technical problems, vulnerability, and risk into a business
  context understood by the client.
• Ability to follow established processes and documentation. Ability to identify areas of improvement as it relates to processes and documentation.
• Ability to make sound decisions and possess excellent problem solving skills
• Possess the desire to grow both technically and professionally in the information
  security field

Education

Degree in Computer Science, Engineering, or a related technical discipline or equivalent experience desired. Priority given to the most qualified candidates.

Other Qualifications

Responsibilities:

• Monitor our clients’ network, log and endpoint solutions to quickly identify true positives.
• Work with other team members and client representatives to inform, educate and remediate issues.
• Quickly and successfully triage alerts and follow established processes for escalation
• Create dashboards to surface threat information quickly and easily. Perform scheduled reviews of these dashboards.
• Assist client portfolio managers to ensure processes, documentation, SLAs, etc are known, documented and followed.

 

Apply Now

Summary

Pondurance is rapidly growing, especially in compliance related engagements. We are looking for a Senior Compliance Consultant who can be a leader within the organization and a trusted advisor to our clients. Previous experience in consulting is not necessary, but a strong auditing, and/or information security, with working technical background, is needed for this position. The Senior Compliance Consultant would be expected to achieve the Payment Card Industry Qualified Security Assessor (QSA) designation.

Job Description

Senior Compliance Consultants lead compliance related projects from an assessor, tester, and project manager perspective. Our clients have a broad variety of regulatory compliance requirements, such as HIPAA, PCI DSS, NERC CIP, ISO 27001/2, and NIST.

The ideal candidate will have familiarity with compliance, risk management, or information security best practices and standards. Industry specific experience, such as healthcare, retail, or energy is a plus.

Qualifications

• Auditing, assessment, information security, with strong working knowledge of IT competencies (networking, operating systems,databases, etc.)
• Current CISSP, CISA, and or CISA designation is a plus
• Organization and project management skills
• Ability to focus on, including some leadership of, multiple client engagements
• Ability to lead and direct a team of consultants
• Ability to review the work of team members
• Serve as a mentor to junior staff
• Experience or willingness to learn various regulatory compliance requirements or frameworks
• Ability to speak in a public forum / events

Education

Bachelor’s degree in a technical, business, or accounting field.

Other Qualifications

• CISSP, CISA, PCI QSA or comparable certifications desired
• Minimum 2 – 5 years of comparable work experience
• Ability to travel up to 40%
• Eligible to work in the US without sponsorship

Apply Now

Summary

Pondurance is rapidly growing. We are looking for a Security Testing Consultant who can be a leader within the organization and a trusted advisor to our clients.

Job Description

The successful candidate will assist Pondurance clients with uncovering vulnerabilities and weakness that put their environments at risk. The issues identified will be accompanied by a strong desire to assist the client with understanding how the risk applies and how the client can prevent and remedy specific issues. The role also requires contributing to the ongoing development and improvement of the Security Testing practice through team building/training, industry tool and article (blog) development, and client advisement.

Qualifications

• Use automated tools as well as manual testing methods to identify and validate vulnerabilities identified in client organizations
• Uncover meaningful risks relative to specific client environments and their (information) assets, exploitable through identified attack vectors
• Ability to follow, manage, update, and create well-defined methodologies across a variety of security testing disciplines.
• Strong competency with security testing tools required (e.g. Nessus, Nexpose, Qualys, Burp, Nmap, Kali, Metasploit, Responder, Wireshark, Kismet, Aircrack-ng, Redseal, Nipper, etc.)
• System administration experience or familiarity with a variety of network devices/systems, operating systems, and development/software suites is required (e.g. Linux, BSD, Windows, Cisco, Oracle, JBoss, Active Directory, LDAP, etc.)
• Understanding of strategic and tactical remediation techniques and approaches
• Ability to demonstrate creating comprehensive deliverables is required (e.g. Penetration Test Reports, Configuration Review Assessments, Vulnerability Assessments, Social Engineering Exercise Reports, etc.)
• Demonstrated experience with thorough documentation peer review processes as both the submitter and reviewer
• Ability to work independently with no supervision as well as in team environments with more complex projects
• Strong attention to detail as it pertains to statement of work, project management, and project documentation
• Balancing multiple projects simultaneously with effective time management skills is required
• Experience with scripting and/or programming languages such as Python, Ruby, Javascript, C/C++, Assembly, etc.
• Passion for automating repetitive security testing tasks and creating tools to gain time efficiency and data consistency
• Demonstrated experience with most or all of the following:
  • Vulnerability Assessment
  • Penetration Testing
  • Configuration Review/Hardening of network devices and general purpose operating systems
  • Wireless Network Security Assessment
  • Physical Security Assessment (Red Team) and Social Engineering
  • Web Application Security Testing

Education

Bachelor’s Degree with disciplines in the area of Computer Science, Management Information Systems, Information Assurance, or Cyber Security are preferred. Equivalent experience and/or training also acceptable

Other Qualifications

• Minimum of two years experience performing Vulnerability Assessments, Penetration Tests, Wireless Security Testing and/or Configuration Review, and Social Engineering to enterprise organizations
• Minimum of two years of experience in a consulting services role, or related information security position
• Certifications are not required, candidates with OSCP, OSCE, GIAC, and CISSP are preferred.

Apply Now

Summary

The Customer Engagement Specialist will be an integral part of the Business Development team. The Customer Engagement Specialist will be a key contributor in the evolving growth and success of Pondurance through the acquisition of new clients. A Customer Engagement Specialist’s main objective is to contact prospects, explain our products and services and schedule appointments with the decision maker.

Job Description

o Responsible for timely, appropriate responses to all inbound leads (email, web and phone calls)
o Responsible for assignment and tracking of inbound sales leads
o Work with the Customer Engagement Managers to devise sales campaigns, identify target groups and also generate your own leads
o Responsible for scheduling appointments for Customer Engagement Managers
o Learn and demonstrate and understanding of Pondurance’s services and clearly articulate our capabilities and advantages to prospective customers.
o Conduct industry, company and prospect research
o Attend sales/marketing events that highlight our service line offerings.
o Demonstrate ability to meet company objectives.

Qualifications

• Ability to collaborate with others
• Highly competitive and self-motivated
• Comfortable in a fast paced environment
• Strong relationship management and interpersonal skills
• Excellent verbal and written communication
• You must possess listening, problem solving, influencing and negotiating skills
• Proficient with the Microsoft Office suite
• Ability to multitask
• Research and report writing skills

Education

Bachelor’s degree in Business with a preferred 1-3 years of sales and/or marketing experience preferred with a desire to gain knowledge or direct experience in cyber security. Salesforce or other CRM experience a plus.

Other Qualifications

N/A

Apply Now

Summary

The Business Development team is responsible for developing and implementing a comprehensive sales/marketing plan to drive new business to Pondurance. The Customer Engagement Manager will be a key contributor in the evolving growth and success of Pondurance through the acquisition and delivery of new clients. Customer Engagement Managers create and build consultative, long term relationships with their prospects and customers in order to help them navigate the complex array of IT Security problems they face.

Job Description

o Responsible for leading the generation of revenue through inside sales methods
o Ability to establish, maintain, and expand relationships with key executives and decision makers within each customer and territory
o Demonstrate ability to close sales and overcome customer objectives
o Ability to position Pondurance’s solutions as a strategic advantage to our customers’ long-term needs
o Structure and negotiate pricing and close new business based on agreed targets
o Champion Pondurance’s service offerings to new and existing markets to identify new opportunities
o Stay in tune with IT Security and Compliance trends to make recommendations on new POVs and provide thought leadership
o Accurately forecast upcoming business opportunities with Executive Leadership
o Effectively develop and manage sales campaigns
o Attend sales/marketing events that highlight our service line offerings
o Meet key metrics to help meet organizational and team goals
o Work with other Pondurance teams to maintain existing customers
o Attend industry networking events

Qualifications

• Team leadership skills
• Highly competitive and self-motivated
• Comfortable in a fast paced environment
• Strong relationship management and interpersonal skills
• Great communication, influencing and negotiating skills
• Desire to adapt to a sales program easily and rapidly
• Creativity with campaigns and events
• Ability to multitask
• Strong research and report writing skills
• Complex problem solving and decision making

Education

Bachelor’s degree in Business with 5 years of sales/marketing experience preferred. Must have a desire to gain knowledge or direct experience in information or cyber security field and CRM experience a plus.

Other Qualifications

N/A

Apply Now