Why Work Here?
MorganFranklin Consulting is a management advisory firm that works with leading businesses and government to address complex and transformational finance, technology, cybersecurity, and business objectives.
MorganFranklin's cybersecurity practice helps clients across the globe to solve their most critical cybersecurity needs. From consulting and implementation to managed services and project resourcing, we work to safeguard assets by identifying risks, developing and maturing cybersecurity programs, and implementing solutions that support and meet business goals. Custom tailored and business-aligned service offerings include:
- Strategy and GRC
- Cybersecurity Operations
- Identity & Access Management
- Incident Response & Risk Intelligence
- Application Security
- Managed Security Services Provider
This is a Vaco employment opportunity aligned to MorganFranklin's cybersecurity offering (Vaco LLC, dba "MorganFranklin Cyber").
Learn what it means to truly own your career and be a part of a growing organization with a big, bold future
What Will You Do?
- Work with the product and technology teams to build in security early
- Tinker with frameworks, automate operations and promote impact through self-service
- Assess the application threat landscape by threat modeling and architecture reviews
- Guide product and technology teams to integrate security into their software development lifecycle
- Conduct security code reviews for a variety of languages and frameworks of web and mobile applications
- Plan and implement static code analysis
- Provide security training and outreach to internal development teams
- Document technical issues identified during security reviews and assessments
What Do You Need to Succeed?
- Solid understanding of OSI model, TCP/IP, HTTP and TLS
- Understands the principle of least privilege and the confidentiality, integrity, and availability triad and will work to enforce those concepts in our environment
- Experience with web application penetration testing
- Experience with languages such as Python, Go, Node.js
- Experience with secure coding practices and automating security checks in pipelines
- Comfortable working in and across cloud environments like AWS and Azure
- Comfortable with DevOps style tools like Ansible, Chef, Terraform, GitHub, Jenkins, Puppet, etc.
- Flexible to travel as needed
- Must be available for primarily onsite work in Brooklyn, NY.
- Strong organization, leadership, and team collaboration
- Good energy and willingness to learn
- Strong attention to detail
- Ability to work across teams and business domains
- Committed to the longevity of the Cybersecurity practice
- Long Term Disability
- Flexible Schedules
- Employee Events
- Flexible Spending Accounts
- Medical, Dental and Vision
- Paid Holidays
- Performance bonus
- Work From Home
- Vacation/paid time off
- Professional Development
- Life Insurance