Consultant - Vulnerability Assessment

Coalfire · USA

Company

Coalfire

Location

USA

Type

Full Time

Job Description

About Coalfire
 
Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices and remote positions across the U.S. and U.K., and we support clients around the world.  
 
But that’s not who we are – that’s just what we do. 
 
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.   
 
And we’re growing fast. 
 
We’re looking for an Consultant to support our Vulnerability Assessment team.  
 
Position Summary
 
Coalfire Vulnerability Assessment  is composed of highly specialized security testers and advisors with a passion for enhancing system security postures.  Our team members actively participate in the information security community and have released toolsets, blog posts, and whitepapers. Our team members have presented at numerous industry conferences, including BlackHat, DefCon, ShmooCon, BlueHat, DerbyCon, 44CON, and numerous BSides, about offensive and defensive operations as well as the tools and capabilities we create and share.  Come join an amazing technical security team who makes a difference in the information security industry and consistently pushes the limit of offensive and defensive security capabilities.



What You’ll Do
  • Work with some of the leading Cloud Service Providers (CSPs) to validate vulnerability management security posture of their products and services
  • Monitor and maintain enterprise security scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.)
  • Provide recommendations on remediating host-based and web application vulnerabilities
  • Conduct manual validation to confirm vulnerability closure
  • Perform analysis to validate justifications for false positives, operational requirements, and risk adjustments
  • Provide recommendations to optimize processes and procedures related to enterprise security scanning tools
  • Serve as subject matter expert for vulnerability management issue resolution
  • Communicate vulnerabilities, solutions, and enterprise trends to all levels of an enterprise – both technical and non-technical resources, all the way up to the CIO
  • Provide periodic reports detailing scan success, remediation efforts, and vulnerability trends



What You’ll Bring
  • 2-5 years of vulnerability management experience
  • 2-5 years of cumulative network, application security, GRC, or cybersecurity consulting
  • Experience scanning for and enumerating vulnerabilities in the GCP environment
  • Demonstrated knowledge in the planning, development, coordination, implementation, and execution of a vulnerability management program
  • In-depth knowledge of policies, procedures, development, and implementation of vulnerability identification, scanning, analysis, remediation tactics, and reporting within an organization
  • In-depth knowledge of risk analysis and vulnerability remediation plan development
  • In depth knowledge and experience of industry best practices for vulnerability management
  • Expert level experience in configuring and executing within multiple vulnerability scanning tools
  • Direct experience working with remediation teams and management on vulnerability remediation and security posture improvement
  • Experience working in ticketing tools for remediation activities
  • Familiarity with configuration baseline standards such as CIS Benchmarks or DISA STIGs
  • Experience creating system inventories, boundary diagrams, and/or plans of actions and milestones (POA&M)



Bonus Points
  • Familiarity with frameworks such as FedRAMP, FISMA, SOC, ISO, HIPAA, HITRUST, etc.
  • Familiarity with Cloud services such as AWS, Azure
  • Experience supporting vulnerability management across IaaS, PaaS, and/or SaaS
  • Experience recreating web application scanning exploits in support of finding validation
  • Experience reporting to C-suite personnel on security posture
Why You'll Want to Join Us
 
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
 
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
 
At Coalfire, equal opportunity and pay equity is integral to the way we do business. A reasonable estimate of the compensation range for this role is $64,000 to $112,000 based on national salary averages. The actual salary offer to the successful candidate will be based on job-related education, geographic location, training, licensure and certifications and other factors. You may also be eligible to participate in annual incentive, commission, and/or recognition programs. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
 
#LI-Remote
#LI-HJ1

Explore More

mission to make the world a safer place Jobs cutting edge of technology Jobs thought leaders Jobs consultants Jobs and cybersecurity experts Jobs More Jobs at Coalfire Jobs in USA
Apply Now

Date Posted

05/31/2024

Views

3

Back to Job Listings Add To Job List Company Profile View Company Reviews
Positive
Subjectivity Score: 0.9

Similar Jobs

Engineering Manager - Software Supply Chain Security: Auth Infrastructure - GitLab

Views in the last 30 days - 0

This job description highlights a leadership role in developing secure scalable authentication infrastructure for GitLab It emphasizes technical exper...

View Details

Staff Salesforce Engineer - CRM Systems - GitLab

Views in the last 30 days - 0

This job description outlines a Staff Salesforce Developer role focusing on designing building and scaling enterprisegrade solutions across Salesforce...

View Details

Growth Product Lead - Loyalty - Trafilea

Views in the last 30 days - 0

Trafilea promotes itself as a transformative consumer tech platform with AIdriven growth solutions highlighting achievements like 1B revenue and globa...

View Details

Sales Prospecting Account Executive - Financial Solutions - Blackbaud

Views in the last 30 days - 0

This job posting seeks Prospect Account Executives to sell Financial Management applications for nonprofits and governments Responsibilities include s...

View Details

Solutions Architect - phData

Views in the last 30 days - 0

This job posting seeks a Solutions Architect to join phDatas Elastic Platform Operations team focusing on cloudnative data platforms like Snowflake AW...

View Details

Team Lead - Publisher Success Management (AdTech) - MGID

Views in the last 30 days - 0

MGID is a fastgrowing digital advertising company seeking a resultsdriven Team Lead to oversee client relationships and drive business growth in the U...

View Details