serp_jobs.error_messages.no_longer_accepting
Security Assurance Analyst III (Oakland)
Marriott Vacations WorldwideOakland, CA, United Statesjob_description.job_card.1_day_ago
serp_jobs.job_preview.job_type
- serp_jobs.job_card.full_time
job_description.job_card.job_descriptionRelocation Assistance Available Required three (3) days in the Orlando Headquarters Office and remote two (2) days. Position Summary As a member of the professional staff, contributes general knowledge and skill in a discipline area. (e.g., Accounting, Finance, Human Resources, Information Resources, Operations Planning & Support, Sales & Marketing) to support team and / or department objectives. Generally, works under limited supervision, but within established guidelines, producing and analyzing more complex business information to assist in the decision-making process. Specific Job Summary The Security Assurance Analyst Ill role is responsible for identifying and exploiting vulnerabilities within the organization's infrastructure, applications, APl's, and cloud environments. This position is focused on conducting security testing, including penetration testing and red team exercises, to simulate real-world adversary tactics and techniques. In particular, the role will also apply expertise to application security testing, working closely with development teams to ensure secure coding practices and vulnerability remediation are integrated into the development lifecycle. In addition to conducting hands-on offensive security testing, this role requires expertise in mapping attack scenarios to frameworks such as the MITRE ATT&CK framework to assess the organization's defense mechanisms. The individual will be responsible for identifying weaknesses in both existing and new systems and providing detailed recommendations for improving security measures across various technology environments. The ideal candidate is a highly skilled and collaborative security professional with a deep understanding of offensive security techniques and a passion for improving security processes through continuous testing and learning. Expected Contributions Contributes to team, department, and / or business results by performing complex quantitative and qualitative analysis for business processes and / or projects. Often manages small projects, business processes or parts of larger ones. Responds to, solves, and makes decisions on more complex / non-routine business requests with limited to moderate risk. Performs more complex quantitative and qualitative analysis for business processes and / or projects. Often manages small projects, business processes or parts of larger ones. Responds to, solves, and makes decisions on more complex / non-routine business requests with limited to moderate risk. Assists more senior associates in achieving business results by : identifying opportunities to enhance the effectiveness of business processes. participating in setting department operating plans. achieving results against budget within scope of responsibility. Demonstrates an awareness of personal strengths and areas for improvement and acts independently to improve and increase skills and knowledge. Specific Expected Contributions Conducts thorough penetration testing of infrastructure, web applications, APIs, and cloud environments to identify vulnerabilities and potential attack vectors. Collaborates with application development teams to implement security testing practices early in the software development lifecycle (SDLC), ensuring secure code and configurations. Reviews application development processes to ensure secure coding practices are followed, identifying vulnerabilities in the development, staging, and production environments. Leads red team exercises simulating advanced persistent threats (APTs) to assess the organizations security resilience in real-world attack scenarios. Collaborates closely with blue team members to provide feedback on detection and response efforts and support the development of effective defenses. Maps offensive security test results to the MITRE ATT&CK framework to ensure comprehensive understanding of adversary tactics, techniques, and procedures (TTPs). Executes vulnerability assessments and perform threat simulations to evaluate the effectiveness of security controls in place. Conducts vulnerability validation, including verifying the exploitability of identified vulnerabilities and conducting follow-up testing to confirm remediation. Leads and mentor junior security analysts, providing guidance on offensive security techniques and tools. Develops and refines testing methodologies, including custom attack scenarios to improve the organizations testing capabilities. Collaborates with IT, security engineering, and development teams to ensure vulnerabilities are prioritized and remediated effectively. Documents and communicates findings, providing clear, actionable recommendations to improve security across technology platforms. Stays up to date with emerging threats and vulnerability trends, continuously improving security testing practices and capabilities. Candidate Profile Successful candidates should possess knowledge, experience, and demonstrate leadership skills as follows : Generally, a professional position with specific knowledge in a discipline (e.g., Accounting, Human Resources, Information Resources). College degree and / or relevant experience typically required. Specific Candidate Profile Education Bachelors degree in computer science, Information Security, or a related field. Equivalent work experience may be considered in lieu of a degree. Certifications Preferred Offensive Security Certified Professional (OSCP) Certified Ethical Hacker (CEH) GIAC Penetration Tester (GPEN) Offensive Security Web Expert (OSWE) Certified Secure Software Lifecycle Professional (CSSLP) GIAC Web Application Penetration Tester (GWAPT) Experience At least 4 years of experience in offensive security roles, including penetration testing, red teaming, and application security testing. Hands-on experience with penetration testing tools (e.g., Burp Suite, Metasploit, Kali Linux, Cobalt Strike) and custom scripting for security testing. Proven expertise in identifying and exploiting vulnerabilities in applications, including web applications, mobile apps, APIs, and cloud platforms. Experience working with modern development practices, including DevSecOps, CI / CD pipelines, and integrating security testing into the software development lifecycle (SDLC). Deep knowledge of application security testing methods, including static analysis, dynamic analysis, and fuzzing. Familiarity with security practices such as Secure Development Lifecycle (SDL), Secure Code Reviews, and application security code scanning. Experience with cloud platforms (AWS, Azure, GCP) and container security (e.g., Docker, Kubernetes). Ability to map attack scenarios to the MITRE ATT&CK framework and provide insights for improving security defenses. Skills / Attributes Advanced Penetration Testing Skills : Deep knowledge of testing web and mobile applications, APIs, and cloud services for vulnerabilities, with strong experience exploiting weaknesses to simulate real-world attacks. Application Security Expertise : Extensive experience with application security practices, secure code reviews, and vulnerability scanning tools. Secure Development Knowledge : Strong understanding of application development methodologies (e.g., Agile, DevOps) and experience incorporating security into development processes and pipelines. Red Team Expertise : Ability to simulate sophisticated attack techniques and scenarios, providing insight into potential attack paths and evaluating the organizations defenses. Cloud Security Knowledge : Solid understanding of cloud security best practices, including securing cloud environments (AWS, Azure) and containerized applications (Docker, Kubernetes). Vulnerability Management & Exploitability : Expertise in validating vulnerabilities, assessing their risk, and verifying exploitability across a wide range of systems. Incident Response Collaboration : Ability to work with incident response teams to translate offensive testing results into actionable intelligence for defensive improvements. Strong Documentation and Reporting Skills : Ability to document testing methodologies, findings, and recommendations clearly and concisely, and communicate technical issues to both technical and non-technical stakeholders. Mentorship & Leadership : Ability to lead and mentor junior security team members, promoting a culture of continuous improvement in offensive security practices. Problem-Solving & Analytical Thinking : Strong problem-solving skills, with the ability to think like an attacker to uncover vulnerabilities and develop strategies for exploitation and risk mitigation. Marriott Vacations Worldwide is an equal opportunity employer committed to hiring a diverse workforce and sustaining an inclusive culture.
serp_jobs.job_alerts.create_a_job
Security Analyst Iii • Oakland, CA, United States
Job_description.internal_linking.related_jobs
US-CA-San Jose | US-CA-Fremont.Allied Universal, North America's leading security and facility services company, offers rewarding careers that provide you a sense of purpose.While working in a dyna...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
PG Forsta is the leading experience measurement, data analytics, and insights provider for complex industries-a status we earned over decades of deep partnership with clients to help them understan...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Lead, Security Analyst (IT Risk Management).Hybrid; 1 day onsite at HQ (Dublin CA).Conversion Salary Expectations.Insight Global is looking for a Lead Security Analyst to support a large retail cli...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Bad software is everywhere, and we’re tired of it.Sentry is on a mission to help developers write better software faster so we can get back to enjoying technology.
With more than $217 million in fun...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
BCI) is a minority-owned, 9,000 employee, global service provider overseeing account services in food, environmental, facility maintenance, professional staffing, and security.Within our healthcare...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_hours
Strategic Security Initiatives Leader.Client is seeking an experienced professional to lead strategic initiatives that strengthen our security posture and reduce risk across the organization.In thi...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
At the University of California, Berkeley, we are dedicated to fostering a community where everyone feels welcome and can thrive.
Our culture of openness, freedom and belonging make it a special pla...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Location : Hybrid in the Philippines Office 50% of the time.The shift will be 4 X 10 : 8am – 6pm PHL, Sunday – Wednesday or Wednesday – Saturday.
BlueVoyant is looking for Security Operations Center (...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days)
Gavin de Becker & Associates (GDBA).Founded in 1978 by 3-time Presidential appointee, Gavin de Becker, our firm’s Protectors, Analysts, and Investigators are committed to our mission of protecting ...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Oversee the daily operational aspects of managing and monitoring the safeguarding of campus information assets.This includes, but is not limited to, managing all security platforms used by the info...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_hours
This position is vital to not only Security's operations, but also the entire Space Enterprise, for the Western Region.This position facilitates a multitude of processes, which are needed to ensure...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
Industrial Security Specialist III - San Jose CA.Delivering mission-critical, electronic solutions that protect lives.Use your creativity and critical thinking to take our products from concept to ...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
The Corporate Security team ensures the physical safety and security of the organization's assets, operations, and personnel.
We are committed to maintaining a secure environment that enables our te...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Compliance Analyst, AML Investigations.At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.
OKX is a leading crypto exchange, and t...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
Lucid Motors is leading the future in luxury electric and mobility.We aim to introduce captivating, luxury electric vehicles that enhance the human experience and push the boundaries of space, perf...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_hours
Lead, Security Analyst (IT Risk Management).Hybrid; 1 day onsite at HQ (Dublin CA).Conversion Salary Expectations.Insight Global is looking for a Lead Security Analyst to support a large retail cli...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_days
Fire and Security Alarm Systems Technician.Fire and Security Alarm Systems Technician.Maintenance & Engineering (M&E).The San Francisco Bay Area Rapid Transit District (BART) is seeking a s...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_hours
Waymo is an autonomous driving technology company with the mission to be the world's most trusted driver.Since its start as the Google Self-Driving Car Project in 2009, Waymo has focused on buildin...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
We are so glad you are interested in joining Sutter Health!.Provides a secure and safe environment that allows patients, visitors, physicians, personnel and volunteers to deliver or receive quality...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_variable_hours
Monitor their organization’s networks for security breaches and investigate a violation when one occurs Install and use software, such as firewalls and data encryption programs, to protect sensitiv...serp_jobs.internal_linking.show_moreserp_jobs.last_updated.last_updated_30
- serp_jobs.job_card.promoted
Regional Security Trainer
Allied UniversalFremont, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Associate Application Security Engineer
PG ForstaEmeryville, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Lead Security Analyst
Insight GlobalDublin, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Senior Security Engineer, Application & Platform Security
SentrySan Francisco, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
- serp_jobs.job_card.new
Assistant Security Manager
Blackstone Consulting, Inc.Fremont, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Security & Privacy Integration Program Manager (M&A Due Diligence Analysis)
US Tech SolutionsSunnyvale, CA, USserp_jobs.job_card.temporary
- serp_jobs.job_card.promoted
Research Security Analyst (6230C), Research Admin & Compliance - #81585
University of California-BerkeleyBerkeley, CA, United Statesserp_jobs.job_card.full_time +1
- serp_jobs.job_card.promoted
SOC Security Analyst III
BlueVoyantSan Francisco, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Security Specialist New Alameda, CA
Gavin de Becker & Associates (GDBA)San Francisco, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
- serp_jobs.job_card.new
Sr. Information Security Analyst
ISACACampbell, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Security Assistance Sr. Specialist
Lockheed MartinSunnyvale, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Industrial Security Specialist III - San Jose CA
VetJobsSan Jose, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Protective Intelligence & Threat Analyst
OpenAISan Francisco, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Compliance Analyst, AML InvestigationsSan Jose, California, United States
OKXSan Jose, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
- serp_jobs.job_card.new
Security Operations Analyst
Lucid MotorsNewark, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Lead Security Analyst (Dublin)
Insight GlobalDublin, CA, USserp_jobs.job_card.part_time
- serp_jobs.job_card.promoted
- serp_jobs.job_card.new
Fire and Security Alarm Systems Technician (External)
Bay Area Rapid TransitOakland, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Senior Security Engineer
WaymoMountain View, CA, United Statesserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
- serp_jobs.job_card.new
Security Officer II, East Bay Area, Float Pool
Sutter HealthBerkeley, CA, USserp_jobs.job_card.full_time
- serp_jobs.job_card.promoted
Information Security Analyst
TradeJobsWorkForce94137 San Francisco, CA, USserp_jobs.job_card.full_time