CyberOne is hiring! We hire smart, talented and high-performing professionals to push our organization forward and provide superior service to our customers. We each take accountability for our work, strive to make each other better, and genuinely love what we do. If you value learning new things, being innovative, and working in a supportive, collaborative environment, CyberOne may be the place for you.
If you are ready to raise the bar for your career and be part of our exciting journey, we would like to hear from you!
CyberOne is seeking an experienced Vulnerability Management Consultant to take a lead role in tracking multiple organizations’ security improvements and helping them apply increasingly stringent security standards. In this role, you’ll be responsible for implementing and operating vulnerability management tools and processes to identify risks, track system and application status, and communicate findings to stakeholders.
The position requires deep expertise in security standards, threat and vulnerability management, exploitation techniques, and secure development practices. You will detect vulnerabilities, assess their impact on organizations, and clearly communicate risks to both technical and business audiences. This position also manages coordinated disclosure processes, collaborating with external researchers to responsibly report and resolve vulnerabilities.
CyberOne is seeking an experienced Vulnerability Management Consultant to take a lead role in tracking multiple organizations’ security improvements and helping them apply increasingly stringent security standards. In this role, you’ll be responsible for implementing and operating vulnerability management tools and processes to identify risks, track system and application status, and communicate findings to stakeholders. The position requires deep expertise in security standards, threat and vulnerability management, exploitation techniques, and secure development practices. You will detect vulnerabilities, assess their impact on organizations, and clearly communicate risks to both technical and business audiences. This position also manages coordinated disclosure processes, collaborating with external researchers to responsibly report and resolve vulnerabilities.
Essential Functions
Perform in-depth analysis of vulnerabilities by correlating data from various sources.
Proactively research and monitor security-related information sources for vulnerability discovery.
Assess impact of vulnerabilities on critical systems or data and advise on remediation.
Maintain patch and vulnerability management practices to protect against exploitation.
Manage tracking and remediation of vulnerabilities, obtaining action plans from stakeholders and using ticketing systems.
Research current vulnerabilities and exploits using trusted resources.
Document remediation tasks for application and system owners.
Report findings and remediation recommendations to stakeholders (e.g., executive reports, trends reports).
Assist system engineering team in configuring and deploying vulnerability scanning and network assessment tools.
Support Incident Detection and Response team in daily operations.
Conduct scans to identify vulnerabilities and ensure security standards compliance.
Coordinate with teams to perform regular patching and scanning.
Coordinate with external researchers and organizations during the disclosure process for responsible reporting and resolution.
Previous functional experience in the areas of cybersecurity, data protection, and GRC management.
Develop reporting metrics, dashboard, and evidence artifacts to address VM program requirements.
Experience with communication of Cybersecurity topics (including risk) to management and business stakeholders
Knowledge of information system architecture and security controls (i.e., Cloud, firewall, operating systems, wireless architectures, databases, 3rd party risk, information security policies and procedures).
Experience with one or more of the following information security frameworks (PCI, CMMC, ISO, NIST, etc.).
Demonstrate in-depth technical capabilities and professional knowledge and demonstrate the ability to assimilate new knowledge proactively.
Active participation in information security conferences.
Required Education and Experience
5+ years of relevant consulting or industry experience, preferably in a professional services environment. (Big 4 a plus).
Extensive experience in vulnerability management, patch management, and configuration management best practices.
Knowledge of researching vulnerabilities, exploitation techniques, and industry trends/threats.
Familiarity with ComWeakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS).
Experience with vulnerability and compliance scanning tools such as Qualys, Rapid7, or Tenable Nessus.
Ability to interpret security advisories and understand vulnerability exploitation and impact.
Detailed knowledge of all aspects of Vulnerability Management processes, tools, metrics, and reporting
Experience in day-to-day operational processes such as security monitoring, data correlation, troubleshooting, security operations, digital forensics, and incident response.
Comprehensive experience with all aspects of ERP Vulnerability Management and security and associated tools and processes.
An understanding of the MITRE ATT&CK Framework, stages of an attack and sub-techniques. Ability to identify tactics, techniques, and procedures (TTPs) of potential threats through the MITRE ATT&CK or similar frameworks.
Experience in Attack Surface Management (ASM) tools and implementation
Ability to understand and articulate complex vulnerability information to both technical and non-technical audience.
Experience performing basic scripting tasks using only what is found in the environment, such as BASH, PowerShell, Python, Perl, or other native scripting languages a plus.
Ability to self-direct project outcomes and achieve program goals with minimal supervision.
Problem-solving and troubleshooting skills for resolving communication and system issues.
Experience implementing scanning architectures.
Familiarity with data analysis and visualization technologies.
Experience managing and tracking vulnerability cases.
Excellent written and oral communication skills.
Preferred Education and Experience
Bachelor’s degree in relevant discipline (e.g. MIS, CIS).
Prior project management and supervisory experience preferred.
Core Skills and Abilities
Exceptional customer service orientation with the ability to foster relationships and engage persuasively with both local and remote clients.
Strong organizational, job administration, and time management skills with the ability to adapt to a fast-paced, changing environment.
Excellent analytical and problem-solving skills with sound judgment.
Strong written and verbal communication skills, including documentation of findings, recommendations, and interaction with senior leadership, peers, and clients.
Ability to maintain a professional demeanor and resilience under high stress.
Demonstrated understanding of business ethics and ability to handle highly confidential information professionally.
Work Environment and Physical Demands
Hybrid work environment in the Plano, TX headquarters, unless otherwise specified by role.
Must be able to travel (up to 30%) to customer sites, company meetings, or events as required by the role.
This role routinely uses standard office equipment such as laptop computers, smartphones, printers, and copy machines.
Prolonged periods of sitting or standing while working at a computer.
Ability to navigate office and client environments, which may include walking, stairs, or carrying light materials (up to 25 lbs).
Ability to work in a fast-paced, dynamic environment while maintaining professionalism and meeting deadlines.
If you are passionate, driven and ready to take your career to the next level, we invite you to apply today!
CyberOne is a proud Equal Opportunity and Affirmative Action Employer. All qualified applicants, regardless of race, color, genetic information, national origin, religion or belief, sex, affectional or sexual orientation, gender identity or expression, immigration status, ancestry, age, marital status, disability, or protected veteran status, are encouraged to apply and will receive equal consideration based on merit, qualifications, and business need.
Recruitment Agencies Please Note:
"In accordance with our recruitment policy, CyberOne strictly prohibits any form of solicitation of our employees by external agencies or third parties. Any candidate information that may be received from such agencies or third parties shall be deemed as a voluntary gift and shall become the exclusive property of CyberOne. Exceptions to this policy apply only when an Agency/Third Party is an Authorized Vendor of CyberOne, holding a valid and current contract that has been duly signed by our People Services Manager or CFO of CyberOne. Under no circumstances will any payment be made to any Agency/Third Party unless they are an Authorized Vendor or possess written approval from the CyberOne People Services Manager or CFO, granting them explicit permission to engage in recruitment efforts on behalf of CyberOne."
Ces cookies sont nécessaires au fonctionnement du site web et ne peuvent pas être désactivés dans nos systèmes. Vous pouvez configurer votre navigateur pour qu'il bloque ces cookies, mais certaines parties du site risquent alors de ne pas fonctionner.
Sécurité
Expérience utilisateur
Cookies ciblés
Ces cookies sont placés par nos partenaires publicitaires via notre site web. Ils peuvent être utilisés par ces entreprises pour créer un profil de vos intérêts et vous montrer des publicités pertinentes ailleurs.
Google Analytics
Google Ads
Nous utilisons des cookies
🍪
Notre site web utilise des cookies et des technologies similaires pour personnaliser le contenu, optimiser l'expérience de l'utilisateur, individualiser et évaluer la publicité. En cliquant sur OK ou en activant une option dans les paramètres des cookies, vous acceptez cela.
Les meilleurs emplois à distance par courriel
Rejoins 5'000+ personnes qui reçoivent des alertes hebdomadaires avec des emplois à distance!
