Consultant - Vulnerability Assessment

Coalfire • USA

Company

Coalfire

Location

USA

Type

Full Time

Job Description

About Coalfire
 
Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices and remote positions across the U.S. and U.K., and we support clients around the world.  
 
But that’s not who we are – that’s just what we do. 
 
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.   
 
And we’re growing fast. 
 
We’re looking for an Consultant to support our Vulnerability Assessment team.  
 
Position Summary
 
Coalfire Vulnerability Assessment  is composed of highly specialized security testers and advisors with a passion for enhancing system security postures.  Our team members actively participate in the information security community and have released toolsets, blog posts, and whitepapers. Our team members have presented at numerous industry conferences, including BlackHat, DefCon, ShmooCon, BlueHat, DerbyCon, 44CON, and numerous BSides, about offensive and defensive operations as well as the tools and capabilities we create and share.  Come join an amazing technical security team who makes a difference in the information security industry and consistently pushes the limit of offensive and defensive security capabilities.



What You’ll Do
  • Work with some of the leading Cloud Service Providers (CSPs) to validate vulnerability management security posture of their products and services
  • Monitor and maintain enterprise security scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.)
  • Provide recommendations on remediating host-based and web application vulnerabilities
  • Conduct manual validation to confirm vulnerability closure
  • Perform analysis to validate justifications for false positives, operational requirements, and risk adjustments
  • Provide recommendations to optimize processes and procedures related to enterprise security scanning tools
  • Serve as subject matter expert for vulnerability management issue resolution
  • Communicate vulnerabilities, solutions, and enterprise trends to all levels of an enterprise – both technical and non-technical resources, all the way up to the CIO
  • Provide periodic reports detailing scan success, remediation efforts, and vulnerability trends



What You’ll Bring
  • 2-5 years of vulnerability management experience
  • 2-5 years of cumulative network, application security, GRC, or cybersecurity consulting
  • Experience scanning for and enumerating vulnerabilities in the GCP environment
  • Demonstrated knowledge in the planning, development, coordination, implementation, and execution of a vulnerability management program
  • In-depth knowledge of policies, procedures, development, and implementation of vulnerability identification, scanning, analysis, remediation tactics, and reporting within an organization
  • In-depth knowledge of risk analysis and vulnerability remediation plan development
  • In depth knowledge and experience of industry best practices for vulnerability management
  • Expert level experience in configuring and executing within multiple vulnerability scanning tools
  • Direct experience working with remediation teams and management on vulnerability remediation and security posture improvement
  • Experience working in ticketing tools for remediation activities
  • Familiarity with configuration baseline standards such as CIS Benchmarks or DISA STIGs
  • Experience creating system inventories, boundary diagrams, and/or plans of actions and milestones (POA&M)



Bonus Points
  • Familiarity with frameworks such as FedRAMP, FISMA, SOC, ISO, HIPAA, HITRUST, etc.
  • Familiarity with Cloud services such as AWS, Azure
  • Experience supporting vulnerability management across IaaS, PaaS, and/or SaaS
  • Experience recreating web application scanning exploits in support of finding validation
  • Experience reporting to C-suite personnel on security posture
Why You'll Want to Join Us
 
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
 
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
 
At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $64,000 to $112,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
 
#LI-Remote
#LI-HJ1
Apply Now

Date Posted

05/31/2024

Views

3

Back to Job Listings ❤️Add To Job List Company Info View Company Reviews
Positive
Subjectivity Score: 0.9

Similar Jobs

Solution Engineer - Ottimate

Views in the last 30 days - 0

Ottimate is a company that automates accounts payables for fastgrowing businesses They offer a cloudfirst approach for invoice management and payments...

View Details

Online Data Analyst - Remote Position - TELUS Digital AI Data Solutions

Views in the last 30 days - 0

This freelance opportunity allows you to work as an online data analyst from home enhancing digital maps used by millions worldwide The role involves ...

View Details

Social Work Care Coordinator - VNS Health

Views in the last 30 days - 0

VNS Health is a large nonprofit home and communitybased health care organization providing comprehensive care management services across acute home an...

View Details

Speech-language pathologist - Presence

Views in the last 30 days - 0

The job posting is for a speechlanguage pathologist SLP to provide teletherapy services participate in IEP meetings and complete case reports The idea...

View Details

Solutions Consultant - Curai

Views in the last 30 days - 0

Curai Health is a remotefirst health tech company offering virtual urgent and primary care services powered by AI and a worldclass care team They are ...

View Details

Lead Security Engineer - Curai

Views in the last 30 days - 0

Curai Health an AIpowered virtual clinic is seeking a Lead Security Engineer to maintain infrastructure and operational security controls lead initiat...

View Details