Coalfire Federal

Vulnerability Management Engineer (VSE) - Hybrid

Job Locations US-DC-Washington DC Metro
ID
2024-3750
Type
Regular Full-Time

About Coalfire

Coalfire Federal is a market leading cybersecurity consultancy firm that provides independent and tailored advice, assessments, technical testing and a full suite of cyber engineering services to Federal agency customers.  Coalfire Federal along with its parent company, Coalfire, has an unparalleled client list with deep customer relationships with leading cloud and technology providers including Amazon, Microsoft, IBM, Google and Oracle and Federal agencies.  Coalfire has been a cybersecurity thought leader for over 20 years and has offices throughout the United States and Europe and is committed to making the world a safer place by solving our clients’ toughest security challenges. 

 

But that’s not who we are – that’s just what we do.

 

We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.  

 

We're on the lookout for a Vulnerability Management Security Engineer (VSE) to support our Federal team.

 

Location

Our clientele is largely in the government space, primarily within the Washington, D.C. / Maryland / Northern Virginia (DMV) areas. While we do offer opportunities that are remote, hybrid, or on-site - a position location and travel may vary based on client needs, and so local candidates may be preferred.

What you'll do

  • Assist in developing and maintaining security policies and standards, and ensuring compliance throughout the organization.
  • Support the planning and implementation of VM Tools in the detection and tracking of security vulnerabilities.
  • Monitors availability of system updates, and assists with their installation on security tools.
  • Assist with investigations of security issues, collect Incident Response data, and summarize report findings.
  • Analyze processes and technologies to ensure comprehensive protection exists on computer systems to prevent unauthorized entry to computer systems or compromise of data integrity or confidentiality.
  • Provide up-to-date working knowledge in areas such as computer viruses, intrusion detection systems, encryption systems, firewalls, etc.
  • Configure agency Vulnerability Management tools
  • Generate, Analyze and Report on existing vulnerabilities and recommend mitigations.
  • Monitoring of US-Cert, SANS and additional sources focused on new and evolving vulnerabilities affecting IT security

 

What you'll bring

  • Demonstrated experience working with and securing Cisco, ESXi, Linux, Solaris and Windows operating systems based on defined policy guidance.
  • Experience with regex, bash, PowerShell, and VBScript scripting languages.
  • Ability to explain events and produce reports based on the data generated in vulnerability tools.
  • A solid understanding of the current threats and tactics being used to attack systems.
  • Experience providing similar service to other clients.
  • Prior experience working with MS SQL Server.
  • A strong knowledge of vulnerability management tools and methodologies such as Tenable Nessus, Qualys WAS, Nexpose, Burp Suite Pro
  • A strong appetite to learn and ability to translate evolving threats and mitigations to real world recommendations.
  • Ability to recognize and escalate risks, issues, and concerns when necessary.

 

Education
Completed Bachelor’s degree from an accredited university in an IT related field.

 

Clearance / Suitability 

Ability to obtain a clearance or a Public Trust is preferred, however all clearance levels and non-cleared applicants will also be considered.

 

Certifications 

Our aim is to build a technologically diverse team - so while we don’t have a set list, there may be certain benchmarks we look for that apply to your expertise. We recommend checking out the DoD Approved 8570 Baseline Certifications as an example.

 

Preferred certifications typical for roles in our federal delivery services include: Security+, CEH, CISA, CISSP, CISM, or other industry recognized certification(s). 

 

Years of Experience 

At minimum three (3) to five (5) years of demonstrated experience implementing, configuring, and maintaining vulnerability management tools in an enterprise environment (i.e., Tripwire, Nessus, MS Defender, etc.).

 

Why you'll want to join us

Our people make Coalfire Federal great. We work together on interesting things and achieve exceptional results. We act as trusted advisors to our customers and are committed to client-focused innovation as well as innovation in the industries that we serve.

Coalfire offers our people the chance to grow professionally with colleagues they like and respect while tackling challenges that stretch their minds and expand their skill sets. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more.

You’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support memberships, and comprehensive insurance options.  

Coalfire is an EEO employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.  

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed