Federal Vuln Scan Staff Consultant

Remote - US, Nationwide

Applications have closed

ABOUT THE ROLE 

As the Federal Vuln Scan Staff Consultant with A-LIGN, you will be part of a dedicated team whose sole purpose is to test and improve the security of our clients’ systems and data, across a wide range of industries. In this role, you will gather, process, and support vulnerability scans throughout compliance assessments.  

Your responsibilities will include assessing vulnerability scanning according to compliance requirements, processing vulnerability scan data into reports, and supporting remediation evidence review throughout the project lifecycle.

This position is open nationwide - candidates living anywhere in the United States can apply. 

REPORTS TO: Managing Consultant 

PAY CLASSIFICATION: Full-Time, Exempt 

RESPONSIBILITIES 

  • Conduct client calls to assess vulnerability scanner configurations 
  • Perform or evaluate Web App, Database, Container, and Infrastructure Scanning 
  • Validate that scanner configurations and output meet compliance requirements 
  • Clearly communicate issues discovered during the initial call or validation process 
  • Process vulnerability scan data manually in Excel, if needed 
  • Write or improve automation that makes the process more efficient 
  • Process and compare re-scans, and review remediation evidence  
  • Evaluate risk mitigation justification and evidence, and follow up with clients as needed
  • Support penetration test engagements as a secondary responsibility, as availability allows 

MINIMUM QUALIFICATIONS 

EDUCATION       

  • Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience 

EXPERIENCE       

  • Experience performing or analyzing vulnerability scans 
  • Experience using Excel, PowerQuery, Python/PowerShell for automation 
  • Knowledge of FISMA/FedRAMP methodologies or NIST 800-53 framework 
  • Familiarity with Burp Suite, Nessus, Tenable.io, Qualys, or other vulnerability scanners 
  • Solid understanding of AWS/Azure Cloud Architecture 
  • Experience with TryHackMe, HackTheBox, or other cybersecurity training platforms 

CERTIFICATIONS 

Current A+, Network+, Security+, CySA+, OSCP, or other related certification

SKILLS 

  • Strong attention to detail to identify scan issues 
  • Ability to organize and multitask, as many projects will be running at once
  • Excellent written and verbal communication skills 
  • Ability to meet deadlines with a high degree of motivation 
  • Ability to work individually as well as collaboratively 
  • Knowledge of nmap and other penetration testing tools 

BENEFITS 

  • Employer Paid Health, Vision, Dental 
  • 401(k) Plan with Employer Matching
  • Competitive Bonus Structure 
  • Employer Paid Life Insurance and Disability Insurance 
  • Generous Paid Time Off Plan 
  • Virtual Employment 
  • Home Office Reimbursement
  • Vacation Bonus 
  • Paid Office Closure December 24-January 1 
  • Paid Holidays Schedule 
  • Certification Reimbursement
  • Flu Shot Reimbursement
  • TSA Precheck Reimbursement

ABOUT A-LIGN 

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,400 global organizations to confidently mitigate cybersecurity risks. We work with organizations ranging from small businesses to global enterprises, with services spanning SOC, Penetration Testing, PCI DSS, HITRUST, ISO and privacy compliance. Our proprietary compliance management platform is transforming the compliance experience by enabling an anytime, anywhere approach to audits. For more information, visit www.A-LIGN.com.

Tags: Audits Automation AWS Azure Burp Suite Cloud Compliance Computer Science FedRAMP FISMA HITRUST Nessus NIST NIST 800-53 Nmap OSCP PCI DSS Pentesting PowerShell Privacy Python Qualys SOC Vulnerability scans

Perks/benefits: Competitive pay Flex vacation Health care Insurance Salary bonus

Regions: Remote/Anywhere North America
Country: United States