Associate Analyst - Asset Discovery

As an Analyst – Asset Discovery at ZeroFox, you will join the Attack Surface & Vulnerability Assessment (ASVA) team, a group of highly skilled individuals working to protect digital assets from the latest threats. In this role, you will support our team by guiding them in discovering customer assets and conducting detailed analysis of cyber risks. Your goal: help lead a team of Analysts to research, identify, and assess digital assets. In the role you will demonstrate technical leadership and mentor Asset Discovery team members in attack surface discovery, vulnerability assessment, and penetration testing skills.

You’ll join a team of software engineers, cybersecurity experts, and data scientists who are disrupting the cyber security industry providing Digital Risk Protection: Protection on social media and digital channels from security threats like social engineering, external fraud, data loss, and insider threat

Requirements

Roles & Responsibilities

• Work with teams to understand potential attack surfaces using open source enumeration tools, proprietary technology and tooling
• Utilize internal and external tools to discover digital assets
• Create scripts in Python to automate scans and tasks
• Support ad hoc, client-specific requests
• Review deliverables and establishes weekly, monthly and quarterly metrics
• Strong leadership skills with a desire to mentor and train junior members
• Lead team productivity and outputs during your assigned shift

Qualifications

• 1-3 years experience in one or more of the following areas: Attack surface management, Penetration Testing, Red teaming
• Bachelor’s Degree in technical discipline (e.g. engineering) or equivalent experience
• Knowledge of Python and bash scripting
• Basic understanding of DNS and basic network and host security concepts, enumeration tools and techniques, OSINT, AMASS
• Knowledge on IPs, CIDRs, BGP
• Comfortable with Linux, Kali Linux, Virtual Machines
• Strong analytical skills and attention to detail
• Working knowledge of Python
• Knowledge of OWASP top 10
• Ability to produce superior work while meeting aggressive deadlines
• Comfortable working independently and in teams
• Ability to quickly adapt and innovate
• Self-starting attitude
• Knowledge of major social networks
• Solid interpersonal and social skills
• Spoken and written fluency in the English language
• Huge Plus:Experience with vulnerability assessment products, such as: Nuclei, ZAP, ipwhois, domaintools, security trails, Tenable, Qualys, Rapid7, OpenVAS, nmap

Benefits

• Competitive compensation
• Community-driven culture with employee events
• Generous time off
• Best-in-class benefits
• Fun, modern workspace
• Respectful and nourishing work environment, where every opinion is heard and everyone is encouraged to be an active part of the organizational culture