This job was posted more than 40 days ago and might be expired.
Coalfire logo

Associate, Vulnerability Assessment

Coalfire·See all Coalfire jobs on Jobr

Posted about 2 months ago

OfficeUnited States86k - 96k USD
About Coalfire
 
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
 
But that’s not who we are – that’s just what we do.
 
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.

POSITION SUMMARY: The Vulnerability Assessment Associate is responsible for identifying, analyzing, and reporting security vulnerabilities across systems, networks, and applications. This role supports the organization’s cybersecurity posture by conducting regular assessments, prioritizing risks, and collaborating with technical teams to remediate identified issues or determine mitigating controls to reduce security risk severities.
### What You'll Do
  • Operate, review, or assess implementations of vulnerability scanning tools (Tenable, Qualys, Nexpose, Prisma Cloud, Burp, etc.).
  • Provide recommendations on remediating host-based and web application vulnerabilities.
  • Conduct manual validation to confirm vulnerability closure. 
  • Analyze raw scan data to provide reports detailing credential success, inventory validation, and open vulnerabilities.
  • Perform analysis to validate justifications provided by clients for vendor dependencies, false positives, operational requirements, and risk adjustments.
  • Collaborate with other Coalfire personnel to drive customer satisfaction and ensure timely delivery of vulnerability scan findings, analysis results, and validated justifications. 
    • ### What You'll Bring
  • Less than 2 years of vulnerability assessment experience.
  • Past experience with a leading vulnerability scan tool (Tenable, Qualys, Nexpose, Prisma Cloud, Burp, etc.).
  • Bachelor’s degree in related Cybersecurity, Information Technology, Computer Science, or equivalent combination of education and experience.
  • Understanding of policies, procedures, development, and implementation of vulnerability identification, scanning, analysis, remediation tactics, and reporting within an organization. 
  • In depth knowledge and experience of industry best practices for vulnerability management. 
  • Expertise in Security Frameworks (ISO, NIST, COBIT, HIPAA/HITECH, etc.) and regulatory requirements.
    •  
    REQUIRED CERTIFICATIONS:
  • Certification in Security+, CCSK, AWS Cloud Practitioner, SSCP, GSEC, CEH, Cloud+, SC-900, 
    ISC² CC, AZ‑900, Cloud Essentials+, or GCP
    • ### Bonus Points
  • Familiarity with 3 or more frameworks such as FedRAMP, FISMA, SOC, ISO, HIPAA, HITRUST, etc.
  • Experience creating system inventories, boundary diagrams, and/or plans of actions and milestones (POA&M). 
  • Familiarity with Cloud services such as AWS, GCP, & Azure. 
  • Familiarity with configuration baseline standards such as CIS & STIG.
  • Experience with scripting such as Python, Bash, PowerShell.
    • Why You’ll Want to Join Us
     
    At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
     
    Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
     
    At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].

    Other open roles at Coalfire(6)

    Senior Google Cloud Security Consultant
    United States
    🏡 Remote
    Principal Google Cloud Security Consultant
    United States
    🏡 Remote
    Director, Hyperscaler Strategy & Partnerships - AWS & Microsoft
    United States
    🏡 Remote
    Security Engineer (Splunk)
    United States
    🏡 Remote
    Senior Consultant - FedRAMP Assessment
    United States
    🏡 Remote
    See all Coalfire jobs on Jobr
    Job details
    Workplace
    Office
    Location
    United States
    Salary
    86k - 96k USD
    per year
    Coalfire logo
    Coalfire
    View company page

    Coalfire is a cybersecurity and compliance services company that works with enterprises and tech businesses in FedRAMP, cloud migration, AI Risk, pen…

    WebsiteLinkedIn+3
    Employees
    1027
    Industry
    Professional Services
    Headquarters
    Chicago, Illinois
    Founded
    2001
    Company location
    Chicago, Illinois
    Specialties
    IT Audits and Risk Asessments, Penetration Testing, PCI-DSS / PA-DSS Compliance Assessments, HIPAA / HITECH / HITRUST Assessments, Internal / External Vulnerability Scans (ASV Services), FISMA / FedRAMP 3PAO Advisory and Assessments, Third Party Risk Management, Cyber Risk Assessment, Cyber Breach Services, Gap Advisory, Cloud Maturity Assessment, Accelerated Cloud Engineering, Application Security, DevSecOps, Cloud Penetration Testing, FedRAMP, StateRAMP, Compliance Automation, Advisory, Strategy Privacy Risk, CISO Program Management, Vulnerability Management, and Red Team

    Key team members

    John Skipper

    John Skipper

    Kevin Tam

    Kevin Tam

    Chris Kloes

    Chris Kloes

    Richard Ling

    Richard Ling

    Apply smarter with Jobr

    Jobr aggregates jobs directly from company career portals — no middlemen. Our team applies on your behalf with AI-tailored resumes, reviewed by a human before submission.

    Direct from company career pages
    AI-personalised cover letters
    Human review before every submit
    Application tracking & follow-ups