Consultant - Vulnerability Management | US Remote

United States

Applications have closed

Coalfire

Coalfire is the cybersecurity advisor that combines extensive cloud expertise, technology, and innovative approaches to help clients develop scalable…


About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world.

But that’s not who we are – that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

And we’re growing fast. We’re looking for a Consultant to support our Vulnerability Management team, open to remote locations in the US.

Position Summary

The Consultant Vulnerability Management (VM) will work as part of a team assessing the security and compliance of client firms against regulatory and industry requirements and standards, and against security best practice frameworks. Consultants possess a foundation of technical & professional skills sufficient to participate in customer engagements where their base skills apply. Critically important in the Consultant is the drive to continually build upon this foundation and develop into a broadly skilled penetration tester by deepening existing and developing new skills. The Consultant will work closely with Project Managers, Senior Consultants and direct managers on their assigned duties. Consultants continue to deepen their skills and broaden their impact both internal to Coalfire, as well as the Security Community as a whole.

What You'll Do

  • Work with some of the leading Cloud Service Providers (CSPs) to validate vulnerability management security posture of their products and services.
  • Monitor and maintain enterprise security scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.).
  • Provide recommendations on remediating host-based and web application vulnerabilities.
  • Conduct manual validation to confirm vulnerability closure.
  • Perform analysis to validate justifications for false positives, operational requirements, and risk adjustments.
  • Provide recommendations to optimize processes and procedures related to enterprise security scanning tools.
  • Serve as subject matter expert for vulnerability management issue resolution.
  • Communicate vulnerabilities, solutions, and enterprise trends to all levels of an enterprise – both technical and non-technical resources.
  • Provide periodic reports detailing scan success, remediation efforts, and vulnerability trends.

What You'll Bring

  • Minimum of 2 - 5 years of experience in IT and/or cybersecurity.
  • Consulting/professional services experience.
  • BS or above in related Information Technology field or equivalent combination of education and experience.
  • Experience in at least one of the leading vulnerability management tool providers (Tenable, Qualys, Rapid7, etc.).
  • Direct experience working with remediation teams and management on vulnerability remediation and security posture improvement.
  • Experience with tool automation using scripting languages such as Python.
  • Experience working in ticketing tools for remediation activities. 
  • Knowledge and experience of industry best practices for vulnerability management.
  • Knowledge of policies, procedures, development, and implementation of vulnerability identification, scanning, analysis, remediation tactics, and reporting within an organization.
  • An interest and a desire to advance your career in cybersecurity.
  • Strong analytical and communications (written and oral) skills.
  • Be a team player who thrives on collaboration. 

Bonus Points

  • Familiarity with Cloud services such as AWS, Azure, and/or GCP.
  • Experience creating system inventories, boundary diagrams, and/or plans of actions and milestones (POA&M).
  • Familiarity with compliance frameworks such as FedRAMP, FISMA, SOC, ISO, HIPAA, HITRUST, etc.
  • Familiarity with configuration baseline standards such as CIS & STIG.
  • Experience supporting vulnerability management across IaaS, PaaS, and/or SaaS providers.

Why you’ll want to join us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like flexible time off, certification and training reimbursement, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $53,000.00 to $92,000.00 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs.
