Consultant - Vulnerability Assessment | Remote US

About Coalfire Coalfire is on a mission to make the world a safer place by solving our clients’ toughest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Denver, Colorado with offices and remote positions across the U.S. and U.K., and we support clients around the world.   But that’s not who we are – that’s just what we do.  We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.    And we’re growing fast.  We’re looking for an Consultant to support our Vulnerability Assessment team.  
Position Summary
Coalfire Vulnerability Assessment  is composed of highly specialized security testers and advisors with a passion for enhancing system security postures.  Our team members actively participate in the information security community and have released toolsets, blog posts, and whitepapers. Our team members have presented at numerous industry conferences, including BlackHat, DefCon, ShmooCon, BlueHat, DerbyCon, 44CON, and numerous BSides, about offensive and defensive operations as well as the tools and capabilities we create and share.  Come join an amazing technical security team who makes a difference in the information security industry and consistently pushes the limit of offensive and defensive security capabilities.

What You’ll Do

• Work with some of the leading Cloud Service Providers (CSPs) to validate vulnerability management security posture of their products and services
• Monitor and maintain enterprise security scanning tools (Nessus, Qualys, Nexpose, Netsparker, Burp, etc.)
• Provide recommendations on remediating host-based and web application vulnerabilities
• Conduct manual validation to confirm vulnerability closure
• Perform analysis to validate justifications for false positives, operational requirements, and risk adjustments
• Provide recommendations to optimize processes and procedures related to enterprise security scanning tools
• Serve as subject matter expert for vulnerability management issue resolution
• Communicate vulnerabilities, solutions, and enterprise trends to all levels of an enterprise – both technical and non-technical resources, all the way up to the CIO
• Provide periodic reports detailing scan success, remediation efforts, and vulnerability trends

What You’ll Bring

• 2-5 years of vulnerability management experience
• 2-5 years of cumulative network, application security, GRC, or cybersecurity consulting
• Experience scanning for and enumerating vulnerabilities in the GCP environment
• Demonstrated knowledge in the planning, development, coordination, implementation, and execution of a vulnerability management program
• In-depth knowledge of policies, procedures, development, and …