Identify vulnerabilities and potential exposure across enterprise networks, systems, and applications through continuous security assessments.

Conduct technical and non-technical risk assessments of technology environments, including local systems, network infrastructure, application environments, and supporting services.

Evaluate the effectiveness of existing security controls and recommend improvements to strengthen the organization’s security posture.

Provide actionable recommendations on cost-effective security controls to mitigate risks and protect information, systems, and business processes.

Produce technical documentation, incident reports, investigation summaries, and security findings to support situational awareness and informed decision-making.

Perform authorized security testing and vulnerability assessments on enterprise network assets and applications.

Conduct security reviews for new or updated applications to ensure compliance with secure development and deployment standards.

Continuously monitor and review system security status to ensure risks remain within acceptable thresholds.

Develop recommendations for strengthening defensive controls based on assessment and testing results.

Design and facilitate cybersecurity tabletop exercises to test incident response preparedness and improve team coordination.

Collaborate with security operations teams to develop and improve security alerts and detection capabilities.

Analyze threat trends to identify Indicators of Compromise (IOCs) and emerging threat patterns.

Conduct proactive threat hunting to detect suspicious activity and uncover hidden threats within the environment.

Identify control gaps that could allow threats to enter or move within the network.

Support the design and development of security tools, technologies, and automation to enhance defensive capabilities.

Develop and implement cybersecurity countermeasures and risk mitigation strategies for systems and applications.

Evaluate internally developed security tools to ensure effectiveness and operational readiness.

Assess system features and configurations to identify opportunities for strengthening security controls and improving resilience.

Perform security analysis of infrastructure components to identify weaknesses and areas for improvement.

Review wireless and network security configurations to ensure they meet security best practices.

Analyze security incidents and malicious activity to understand attack methods, exploited weaknesses, and potential impacts on systems and information.