Sr. Consultant - Threat and Vulnerability Management & Remediation | Remote, USA

This position will be fully remote and can be hired anywhere in the continental U.S

A Consultant on the Threat Vulnerability Management team serves as a technical advisor and possesses practical hands-on experience in several areas of an organization’s security and information systems configuration and how they relate to asset tracking (attack surface), patch management, configuration management, vulnerability management, and remediation. The consultant should be capable of performing complex assessments and interviews with staff while maintaining a business focus on meeting client demands. This position will work both independently and as part of a team to perform a number of Vulnerability Management and hands on remediation tasks to include: Discovery of Vulnerabilities and Asset Ownership, Prioritization of Data and vulnerabilities, Remediation of vulnerabilities, and Verification through risk-based analysis of findings.

How you’ll make an impact:

• Assess an organization’s vulnerability management program through the use of automated tools and manual techniques to identify and verify how assets and vulnerabilities are tracked and remediated 

• Provide tactical and strategic guidance and detailed remediation advice aimed at improving clients security posture 

• Use creative approaches to triage, prioritize, define, and remediate vulnerabilities 

• Assess Vulnerability Management programs including documented procedures, workflow from asset discovery through to remediation tracking. 

• Create comprehensive assessment reports that clearly identify existing vulnerabilities, average time to remediation, compensating controls, work in progress, as well as roadmap for remediation for vulnerabilities.  

• Interface with client personnel and technologies to gather information, clarify scope, and remediate vulnerabilities

• Execute projects using established methodology, tools and documentation 

• Successfully implement changes within client environments to reduce their overall risk

• Perform other duties as assigned

What we’re looking for:

• Bachelor's degree or approximately 5-7 years of related work experience.

• Approximately 4-7 years of years of experience performing Hands-on Configuration changes and patching, Vulnerability Management Engineering, and Vulnerability Assessments.

• PROFESSIONAL SKILLS REQUIREMENTS: 

• Experience with native and 3rd party patching tools (WSUS/SCCM/Ivanti/SolarWinds/JAMF/etc.) 

• Experience with and Understanding of commercial and open source vulnerability scanning tools is required (e.g. Nessus/Tenable, Rapic7, Qualys, Burp, Nmap, etc.) 

• Ability to combine multiple separate findings to identify complex blended vulnerabilities and attack chains

• Ability to identify, describe and report vulnerabilities and detailed remediation activities, to include clear demonstration of risk to clients

• Knowledge of Risk Based analysis tools (i.e. Kenna/Brina/etc.) 

• Familiarity with scripting languages (PowerShell/Python/Bash/etc.) 

• Deep understanding of different Operating Systems, network architectures, network devices, and software suites required (e.g. Linux, Windows, Cisco, Active Directory, GPO, etc.  

• Must be able to work well with customers and self-manage through difficult situations, focus on client satisfaction. 

• Ability to convey complex technical security concepts to technical and non-technical audiences including executives 

• Ability to work both independently as well as on teams to meet deadlines required. 

• Bachelor’s Degree from a four-year college or university in Information Assurance, Computer Science, Management Information Systems or related area of study preferred; related experience and/or training is required.

• CISSP and other industry certifications preferred 

• #LI-GN1

What you can expect from Optiv

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
• Work/life balance
• Professional training resources
• Creative problem-solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

EEO Statement

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.

Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv’s selection and recruitment activities.  For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.