Coalfire Federal
Vulnerability Management Security Engineer
Coalfire Federal, Washington, District of Columbia, us, 20022
Coalfire Federal is a market leading cybersecurity consultancy that provides independent and tailored advice, assessments, technical testing, and a full suite of cybersecurity engineering services to Federal agency customers. Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies. Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients toughest security challenges.
But thats not who we are thats just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. We're on the lookout for a Vulnerability Management Security Engineer (VSE) to support our Federal team. Location Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site - a position location and travel may vary based on client needs, and so local candidates may be preferred. WHAT YOU'LL DO Assist in developing and maintaining security policies and standards, and ensuring compliance throughout the organization. Support the planning and implementation of VM Tools in the detection and tracking of security vulnerabilities. Monitors availability of system updates, and assists with their installation on security tools. Assist with investigations of security issues, collect Incident Response data, and summarize report findings. Analyze processes and technologies to ensure comprehensive protection exists on computer systems to prevent unauthorized entry to computer systems or compromise of data integrity or confidentiality. Provide up-to-date working knowledge in areas such as computer viruses, intrusion detection systems, encryption systems, firewalls, etc. Configure agency Vulnerability Management tools Generate, Analyze and Report on existing vulnerabilities and recommend mitigations. Monitoring of US-Cert, SANS and additional sources focused on new and evolving vulnerabilities affecting IT security WHAT YOU'LL BRING Demonstrated experience working with and securing Cisco, ESXi, Linux, Solaris and Windows operating systems based on defined policy guidance. Experience with regex, bash, PowerShell, and VBScript scripting languages. Ability to explain events and produce reports based on the data generated in vulnerability tools. A solid understanding of the current threats and tactics being used to attack systems. Experience providing similar service to other clients. Prior experience working with MS SQL Server. A strong knowledge of vulnerability management tools and methodologies such as Tenable Nessus, Qualys WAS, Nexpose, Burp Suite Pro A strong appetite to learn and ability to translate evolving threats and mitigations to real world recommendations. Ability to recognize and escalate risks, issues, and concerns when necessary. Education Completed Bachelors degree from an accredited university in an IT related field. Clearance / Suitability Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered. Certifications Our aim is to build a technologically diverse team - so while we dont have a set list, there may be certain benchmarks we look for that apply to your expertise. We recommend checking out the DoD Approved 8570 Baseline Certifications as an example. Preferred certifications typical for roles in our federal delivery services include: Security+, CEH, CISA, CISSP, CISM, or other industry recognized certification(s). Years of Experience At least three (3) to five (5) years of demonstrated experience implementing, configuring, and maintaining vulnerability management tools in an enterprise environment (i.e., Tripwire, Nessus, MS Defender, etc.). WHY JOIN US Our people make Coalfire Federal great.
We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, youll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. Youll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And youll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options. Coalfire is an EEO employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.
But thats not who we are thats just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. We're on the lookout for a Vulnerability Management Security Engineer (VSE) to support our Federal team. Location Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site - a position location and travel may vary based on client needs, and so local candidates may be preferred. WHAT YOU'LL DO Assist in developing and maintaining security policies and standards, and ensuring compliance throughout the organization. Support the planning and implementation of VM Tools in the detection and tracking of security vulnerabilities. Monitors availability of system updates, and assists with their installation on security tools. Assist with investigations of security issues, collect Incident Response data, and summarize report findings. Analyze processes and technologies to ensure comprehensive protection exists on computer systems to prevent unauthorized entry to computer systems or compromise of data integrity or confidentiality. Provide up-to-date working knowledge in areas such as computer viruses, intrusion detection systems, encryption systems, firewalls, etc. Configure agency Vulnerability Management tools Generate, Analyze and Report on existing vulnerabilities and recommend mitigations. Monitoring of US-Cert, SANS and additional sources focused on new and evolving vulnerabilities affecting IT security WHAT YOU'LL BRING Demonstrated experience working with and securing Cisco, ESXi, Linux, Solaris and Windows operating systems based on defined policy guidance. Experience with regex, bash, PowerShell, and VBScript scripting languages. Ability to explain events and produce reports based on the data generated in vulnerability tools. A solid understanding of the current threats and tactics being used to attack systems. Experience providing similar service to other clients. Prior experience working with MS SQL Server. A strong knowledge of vulnerability management tools and methodologies such as Tenable Nessus, Qualys WAS, Nexpose, Burp Suite Pro A strong appetite to learn and ability to translate evolving threats and mitigations to real world recommendations. Ability to recognize and escalate risks, issues, and concerns when necessary. Education Completed Bachelors degree from an accredited university in an IT related field. Clearance / Suitability Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered. Certifications Our aim is to build a technologically diverse team - so while we dont have a set list, there may be certain benchmarks we look for that apply to your expertise. We recommend checking out the DoD Approved 8570 Baseline Certifications as an example. Preferred certifications typical for roles in our federal delivery services include: Security+, CEH, CISA, CISSP, CISM, or other industry recognized certification(s). Years of Experience At least three (3) to five (5) years of demonstrated experience implementing, configuring, and maintaining vulnerability management tools in an enterprise environment (i.e., Tripwire, Nessus, MS Defender, etc.). WHY JOIN US Our people make Coalfire Federal great.
We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve. Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, youll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. Youll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And youll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options. Coalfire is an EEO employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.