Role Description Evolve Security is looking for an OSOC Security Analyst to join our growing team. This position will assist with the overall successful delivery of various application vulnerability assessments, continuous internal / external penetration assessments, incident response and detection assessments, and other types of security strategy and architecture reviews. - Review eASM dashboard daily to monitor for any anomalies or security incidents. - Conduct testing and validation of vulnerabilities identified by the ASM system, providing evidence of validation to support remediation efforts. - Investigate eASM vulnerabilities thoroughly, analyzing potential impact and root causes. - Conduct various types of penetration testing, including scanning and password attacks, to identify potential weaknesses in the system. - Perform technical vulnerability scans and validate remediation efforts to ensure effective security posture. - Escalate identified vulnerabilities and security incidents to appropriate client or internal team members for resolution. - Engage with clients during project kick-off meetings to understand their specific security requirements and objectives. - Assist in maturing eASM Evolve Security processes, procedures, templates, and methodologies to enhance overall effectiveness. - Take on other duties as assigned to support the growth and expansion of enterprise and academy initiatives, contributing to the overall success of the security program. - Passionate about cybersecurity with a curiosity to learn. Qualifications - 0-1 years of information technology experience, ideally with a focus on information security. - 0-1 years penetration testing, application and vulnerability management experience through education or security/consulting firm. - Knowledge of multiple operating systems and associated command-line administration tools (Bash / PowerShell). - Knowledge of the application stack including web. - Scripting experience in one or more of: Ruby, Python, Perl, Bash. - ESCP, Security+ certifications. - A desire to tinker and understand how things work. - Ability to interface with clients, utilizing consulting and negotiating skills. - Strongly self-motivated and able to work independently towards team objectives. - Strong communication skills (oral and written) and ability to work as part of a team. Benefits - Healthcare Benefits - 401(k) Match - Parental Leave - Flexible Paid Time Off - Annual vacation reimbursement Company Description Evolve Security is a cybersecurity services firm headquartered in Chicago, IL. We are dedicated to improving our client’s security posture by providing continuous penetration testing, training services, and talent solutions. - In addition to our professional cybersecurity service offerings, Evolve Security offers a cybersecurity bootcamp, “Evolve Academy”, currently ranked the #1 cybersecurity bootcamp in the world. - The Cybersecurity Bootcamp in Chicago provides immersive training, giving students the concrete and practical skills needed on the job. - Students gain real work experience through live security assessment work that they perform on not-for-profit companies. - We are passionate about directly improving our customers’ security posture, and we proudly train others to help meet the need for qualified cybersecurity talent.

• Execute and monitor periodic vulnerability scans across internal infrastructure and cloud platforms. • Conduct periodic scans to support compliance requirements. • Perform External Attack Surface Assessments on internet-facing assets. • Assist in validating scan results and identifying false positives. • Analyze Vulnerability scan results to identify security gaps and potential threats. • Prioritise Vulnerability scan report based on risk severity and business impact. • Report findings to asset owners and relevant stakeholders for timely remediation. • Collaborate with IT, System Administrators, and Product Teams to ensure vulnerabilities are remediated within defined Service Level Agreements (SLAs). • Track remediation progress and follow up on outstanding vulnerabilities. • Support implementation of mitigation strategies where immediate remediation is not possible. • Assist in performing risk assessments related to identified vulnerabilities. • Support documentation of risks and contribute to mitigation planning. • Maintain awareness of evolving risk posture across systems. • Support the operation and maintenance of vulnerability management tools. • Assist in scan configuration, execution, result interpretation and reporting. • Support vulnerability management activities aligned with standards such as PCI-DSS, ISO 27001, and NIST. • Assist with audit preparation, including evidence gathering and documentations. • Ensure scanning and remediation practices meet compliance requirements. • Assist in creating dashboards and reports to visualize vulnerability trends, risk posture, and remediation performance. • Maintain accurate records of vulnerabilities, remediation status, and scan history. • Communicate findings clearly to both technical and non-technical stakeholders. • Suggest improvements to scanning, reporting, and remediation workflows. • Assist in Incident Response tasks and post-incident analysis when needed. • Assist in Threat Intelligence tasks from internal and external sources when needed. • Track emerging threats, vulnerabilities, and tactics used by relevant threat actors. • Contribute to threat briefings and recommendations for security controls. • Stay current with emerging vulnerabilities, threats, and cybersecurity trends. • Participate in training, labs, and knowledge-sharing sessions. • Continuously develop technical skills in security tools and methodologies.

• Help monitor Stantec’s systems for signs of intrusion • Work closely with the IT Security team to investigate, contain, and remediate security incidents • Perform operational reviews of IT security systems and monitor key consoles • Participate in the investigation of alleged security breaches to help determine root cause, impact, remediation • Respond to incidents reported by users through Stantec's IT ticketing systems • Assist IT Security administrators in management and operational configuration of IT Security systems and controls • Document all security incidents and near misses reported in our incident response system • Other duties as assigned

• Apply expert knowledge of concepts, processes, practices, and procedures on technical assignments • Support enterprise Cybersecurity standards • In coordination with Government develop and implement Cybersecurity standards and procedures • Coordinate, develop, and recommend security processes for an organization • Recommend Cybersecurity solutions to support customers’ requirements • Identify and report security violations • Recommend and satisfy Cybersecurity requirements based upon the analysis of CSPP, policy, regulatory, and resource demands • Support customers at the highest levels in the development and implementation of processes and policies • Apply know-how to government and commercial common user systems, as well as to dedicated special purpose systems requiring specialized security features and procedures • Support design and development of security features for system architecture requirements • Analyze and make recommendations of security requirements for computer systems which may include mainframes, workstations, and personal computers • Support design, development, engineering, and implementation of solutions that meet CSPP requirements • Provide integration and implementation of the computer system security solution • Analyze general Cybersecurity-related technical problems and provide basic engineering and technical support in solving these problems • Support vulnerability/risk analyses of computer systems and applications during all phases of the system development life cycle • Perform all procedures necessary to ensure the safety of information systems data assets and to protect systems from intentional or inadvertent access, theft, or destruction • Ensure that all information systems are functional and secure • Provide subject matter expertise, direction, guidance, tracking, and support on cyber security, risk management, continuous monitoring, security Assessment and Authorization (A&A), and business processes that support a metric-driven environment • Develop, maintain, and update Plans of Action and Milestones (POA&M) to identify system weaknesses, mitigation, and timelines for applying corrective actions