Sr. Analyst, Information Security (hybrid onsite, Omaha NE)
About The Position
We are seeking a Senior Analyst to join our Information Security Assessment team. In this role, you’ll lead offensive security testing across applications, APIs, and enterprise systems while partnering closely with technology and business teams to improve defenses. This position requires deep technical expertise in penetration testing and vulnerability management, combined with strong communication skills to translate findings into actionable security improvements. You’ll serve as a subject matter expert for penetration testing and secure design, advising project teams, system owners, and business leaders on how to mitigate risk and meet compliance requirements.
Requirements
- 5+ years of relevant experience in information security, with at least 2 years of hands-on penetration testing.
- Expertise across multiple security domains, including penetration testing, vulnerability assessment, risk assessment, and secure architecture.
- Strong knowledge of application security principles, including secure SDLC and threat modeling.
- Practical experience with tools such as Burp Suite, Metasploit, Nmap, Nessus, or similar.
- Familiarity with regulatory and industry frameworks (ISO 27001, PCI-DSS, FFIEC, OCC, etc.).
- Excellent communication and documentation skills — able to present complex findings to both technical and non-technical audiences.
- Ability to mentor junior team members and influence cross-functional teams.
- Bachelor’s degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience).
- Candidates must possess unrestricted work authorization and not require future sponsorship.
Nice To Haves
- Professional certifications strongly preferred: OSCP, GPEN, GXPN, CISSP, or similar.
Responsibilities
- Lead and execute penetration testing of APIs, web applications, and internal/external systems.
- Coordinate penetration testing activities with application/system owners and guide issue resolution.
- Act as a subject matter expert on offensive security and secure design for enterprise projects.
- Contribute to operating system hardening standards and secure configuration guidelines.
- Manage vulnerability management activities and ensure remediation efforts are effective.
- Evaluate and advise on new technologies for secure enterprise adoption.
- Provide consulting and training to business and technical teams on reducing security risks.
- Partner with regulators and internal auditors on compliance reporting and assessments.
- Monitor and scan systems for compliance with security standards, remediating gaps as needed.
- Recommend process improvements to strengthen the enterprise security posture.
Benefits
- Medical, Dental, Vision Insurance
- 401k, With Matching Contributions
- Time Off Programs
- Health Savings Account (HSA)/Dependent Care
- Employee Banking
- Growth Opportunities
- Tuition Assistance
- Short-Term/Long-Term Disability Insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
