Federal Vuln Scan Staff Consultant
Remote - US, Nationwide
Applications have closed
ABOUT THE ROLE
As the Federal Vuln Scan Staff Consultant with A-LIGN, you will be part of a dedicated team whose sole purpose is to test and improve the security of our clients’ systems and data, across a wide range of industries. In this role, you will gather, process, and support vulnerability scans throughout compliance assessments.
Your responsibilities will include assessing vulnerability scanning according to compliance requirements, processing vulnerability scan data into reports, and supporting remediation evidence review throughout the project lifecycle.
This position is open nationwide - candidates living anywhere in the United States can apply.
REPORTS TO: Managing Consultant
PAY CLASSIFICATION: Full-Time, Exempt
RESPONSIBILITIES
- Conduct client calls to assess vulnerability scanner configurations
- Perform or evaluate Web App, Database, Container, and Infrastructure Scanning
- Validate that scanner configurations and output meet compliance requirements
- Clearly communicate issues discovered during the initial call or validation process
- Process vulnerability scan data manually in Excel, if needed
- Write or improve automation that makes the process more efficient
- Process and compare re-scans, and review remediation evidence
- Evaluate risk mitigation justification and evidence, and follow up with clients as needed
- Support penetration test engagements as a secondary responsibility, as availability allows
MINIMUM QUALIFICATIONS
EDUCATION
- Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or combination of relevant education and work experience
EXPERIENCE
- Experience performing or analyzing vulnerability scans
- Experience using Excel, Power Query, and Python/PowerShell for automation
- Knowledge of FISMA/FedRAMP methodologies or NIST 800-53 framework
- Familiarity with Burp Suite, Nessus, Tenable.io, Qualys, or other vulnerability scanners
- Solid understanding of AWS/Azure Cloud Architecture
- Experience with TryHackMe, HackTheBox, or other cybersecurity training platforms
CERTIFICATIONS
- Current A+, Network+, Security+, CySA+, OSCP, or other related certification
SKILLS
- Strong attention to detail to identify scan issues
- Ability to organize and multitask, as many projects will be running at once
- Excellent written and verbal communication skills
- Ability to meet deadlines with a high degree of motivation
- Ability to work individually as well as collaboratively
- Knowledge of nmap and other penetration testing tools
BENEFITS
- Employer Paid Health, Vision, Dental
- 401(k) Plan with Employer Matching
- Competitive Bonus Structure
- Employer Paid Life Insurance and Disability Insurance
- Generous Paid Time Off Plan
- Virtual Employment
- Home Office Reimbursement
- Vacation Bonus
- Paid Office Closure December 24-January 1
- Paid Holidays Schedule
- Certification Reimbursement
- Flu Shot Reimbursement
- TSA Precheck Reimbursement
ABOUT A-LIGN
A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,400 global organizations to confidently mitigate cybersecurity risks. We work with organizations ranging from small businesses to global enterprises, with services spanning SOC, Penetration Testing, PCI DSS, HITRUST, ISO and privacy compliance. Our proprietary compliance management platform is transforming the compliance experience by enabling an anytime, anywhere approach to audits. For more information, visit www.A-LIGN.com.