SysLogic, Inc.SI

Security Analyst- Pen Testing

SysLogic, Inc. is an information systems consulting and services firm specializing in optimizing processes and technology solutions to improve client efficiency and reduce costs.

SysLogic, Inc.

Employee count: 51-200

United States only

The Security Analyst- Pen Testing plays a critical role in facilitating continued growth and execution within our security practice. This highly skilled and detail-oriented Consultant will have deep knowledge in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Software Composition Analysis (SCA), and Hardware Penetration Testing. The ideal candidate will be responsible for identifying vulnerabilities across software and hardware systems, advising on remediation strategies, and communicating findings clearly to both technical and non-technical stakeholders.

Primary Responsibilities:

  • Conduct in-depth SAST, DAST, and SCA assessments across a variety of application types (web, mobile, desktop, APIs).
  • Perform hardware penetration testing on embedded systems, IoT devices, and industrial control systems (ICS), including debug interface discovery, firmware extraction and analysis, and secure boot review.
  • Develop and maintain threat models, attack trees, and risk assessments for both software and hardware systems.
  • Identify and exploit vulnerabilities using both manual techniques and automated tools, simulating real-world attack scenarios.
  • Provide detailed technical reports and executive summaries tailored to different audiences, including developers, engineers, and leadership.
  • Collaborate with product and engineering teams to prioritize and remediate vulnerabilities, offering secure design and coding recommendations.
  • Participate in security architecture reviews and code reviews to identify potential weaknesses early in the development lifecycle.
  • Assist in the development and implementation of security testing methodologies, checklists, and standard operating procedures.
  • Conduct security tool evaluations and help integrate them into CI/CD pipelines for continuous security testing.
  • Lead or support red team/blue team exercises, tabletop simulations, and incident response drills.
  • Stay abreast of the latest security trends, vulnerabilities, and threat actor tactics, techniques, and procedures (TTPs).
  • Contribute to internal knowledge bases, training sessions, and technical workshops to upskill team members and clients.
  • Engage with clients to understand their security needs, define testing scopes, and deliver high-quality consulting services.
  • Ensure all testing activities comply with legal, ethical, and organizational guidelines, including responsible disclosure practices.
  • Develop and present organized report findings to technical audiences.

Requirements

Professional Qualifications Sought:

  • Bachelor’s degree in computer science, cybersecurity or another related field, desired or significant aligned experience.
  • Overall experience working in a Pen Tester role in a diverse technical hardware and software environments for more than three years.
  • Certifications such as: Certified Ethical Hacker (CEH), Certified Hardware Security Professional (CHSP), Certified Mobile and Web Application Penetration Tester (CMWAPT), Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP) or other generally accepted security certifications, are a plus.
  • Present openness to new ideas, approaches, and technologies to address core business needs and align to risk tolerance.
  • Exhibit good time management, and presentation skills in virtual and face-to-face environments.
  • Consistently exhibit strong oral and written communication skills and the ability to present to groups of varying sizes and audiences in ad-hoc and prepared situations.

Technical Qualifications Sought:

  • Three years of experience independently conducting in-depth SAST and DAST assessments across web, mobile, desktop, and API-based applications using tools such as Burp Suite, Zed Attack Proxy (ZAP) and Nessus.
  • Referenceable history performing hardware penetration testing on embedded systems, IoT devices, including firmware extraction, reverse engineering and analysis utilizing tools like Binwalk and Ghidra.
  • Experience analyzing Android and iOS mobile application runtimes using both physical devices and emulators.
  • Hands-on experience developing and maintaining threat models, attack trees, and risk assessments for both software and hardware systems.
  • Knowledgeable in identifying and exploiting vulnerabilities using both manual techniques and automated tools, simulating real-world attack scenarios.
  • History of contributing to the development of detailed technical reports and executive summaries tailored to different audiences, including developers and engineers.
  • Experience collaborating with product and engineering teams to prioritize and remediate vulnerabilities, offering secure design and coding recommendations.
  • Successful implementation of security testing methodologies, checklists, and standard operating procedures.
  • Conduct security tool evaluations on CI/CD pipelines and cloud infrastructure for continuous security testing.
  • Stay abreast of the latest security trends, vulnerabilities, and threat actor tactics, techniques, and procedures (TTPs).
  • Contribute to internal knowledge bases, training sessions, and technical workshops to upskill team members and clients.
  • Engage with clients to understand their security needs, define testing scopes, and deliver high-quality consulting services.
  • Ensure all testing activities comply with legal, ethical, and organizational guidelines, including responsible disclosure practices.

Travel

  • Must be available to travel four to six times per year, with no more than 24 days away from home in a calendar year.

Employment locations: Although this is a remote position, we are only open to employment of individuals with their legal residence in the following states: Wisconsin, Illinois, Ohio, Michigan, Indiana, South Dakota, Iowa, Arkansas, North Carolina, Arizona and Florida.

Benefits

  • Health Care Plan (Medical, Dental Vision)
  • Retirement Plan (401k, IRA)
  • Life Insurance (Basic, Voluntary ADD)
  • Paid Time Off (Vacation, Sick Public Holidays)
  • Family Leave (Maternity, Paternity)
  • Long Term Disability
  • Training Development
  • Work From Home
  • Work life balance
  • Great Culture

About the job

Apply before

Posted on

Job type

Full Time

Experience level

Mid-level

Location requirements

United States

Hiring timezones

United States +/- 0 hours

Job categories

Penetration TesterSenior Penetration TesterSecurity AnalystCybersecurity Analyst

Skills

Penetration TestingDynamic Application Security Testing (DAST) ToolsSoftware Composition AnalysisHardware TestingThreat ModelingRisk AssessmentExploitation TechniquesSecurity Design ReviewsCode ReviewCI CD PipelinesRed Team Blue Team ExercisesIncident ResponseBurp suiteZed Attack Proxy (ZAP)NessusReverse EngineeringbinwalkGhidraAndroidiOSZAP

About SysLogic, Inc.

Learn more about SysLogic, Inc. and their company culture.

View company profile

Established in 1995, SysLogic is an information systems consulting and services firm dedicated to helping clients nationwide conduct business more effectively by delivering solutions that leverage leading-edge technology and sound business processes. SysLogic works collaboratively with clients to extend the range, reach, and value of information technology in their organizations, thereby transforming the way they conduct business. Our mission is to help clients achieve their boldest visions by applying innovative technology and process design to solve their toughest challenges.

Our expertise spans a wide range of areas including IT strategy, custom application development, architecture, cybersecurity, process engineering, business analysis, and project management. In striving to provide our clients with the best outcomes, we focus on building strong partnerships founded on trust, authenticity, and integrity. SysLogic is renowned for its commitment to innovation, as demonstrated by our continual investment in research, training, and maintaining a team that embodies diversity and expertise. Our dedication ensures we not only meet current client needs but also support their future growth.

Claim this profileSysLogic, Inc. logoSI

SysLogic, Inc.

Company size

51-200 employees

Founded in

1995

Chief executive officer

Tina Chang

Markets

Information Technology ConsultingCustom Application DevelopmentCybersecurityProcess EngineeringBusiness AnalysisProject Management ServicesEnterprise ArchitectureTechnology InnovationIT strategyDigital Transformation

Employees live in

United States
View company profile

Similar remote jobs

Here are other jobs you might want to apply for.

View all remote jobs
Top remote companies

Remote companies like SysLogic, Inc.

Find your next opportunity by exploring profiles of companies that are similar to SysLogic, Inc.. Compare culture, benefits, and job openings on Himalayas.

View all companies

Find your dream job

Sign up now and join over 100,000 remote workers who receive personalized job alerts, curated job matches, and more for free!

Sign up
Himalayas profile for an example user named Frankie Sullivan
Save
Apply now
SysLogic, Inc. hiring Security Analyst- Pen Testing • Remote (Work from Home) | Himalayas