ABOUT THE ROLE
As the Federal Vuln Scan Staff Consultant with A-LIGN, you will be part of a dedicated team whose sole purpose is to test and improve the security of our clients’ systems and data, across a wide range of industries. In this role, you will gather, process, and support vulnerability scans throughout compliance assessments.
Your responsibilities will include assessing vulnerability scanning according to compliance requirements, processing vulnerability scan data into reports, and supporting remediation evidence review throughout the project lifecycle.
This position is open nationwide - candidates living anywhere in the United States can apply.
REPORTS TO: Managing Consultant
PAY CLASSIFICATION: Full-Time, Exempt
RESPONSIBILITIES
- Conduct client calls to assess vulnerability scanner configurations
- Perform or evaluate Web App, Database, Container, and Infrastructure Scanning
- Validate that scanner configurations and output meet compliance requirements
- Clearly communicate issues discovered during the initial call or validation process
- Process vulnerability scan data manually in Excel, if needed
- Write or improve automation that makes the process more efficient
- Process and compare re-scans, and review remediation evidence
- Evaluate risk mitigation justification and evidence, and follow up with clients as needed
- Support penetration test engagements as a secondary responsibility, as availability allows
MINIMUM QUALIFICATIONS
EDUCATION
- Bachelor’s degree in management information systems, information security, computer science, or relevant discipline; or a combination of relevant education and work experience
EXPERIENCE
- Experience performing or analyzing vulnerability scans
- Experience using Excel, PowerQuery, Python/PowerShell for automation
- Knowledge of FISMA/FedRAMP methodologies or NIST 800-53 framework
- Familiarity with Burp Suite, Nessus, Tenable.io, Qualys, or other vulnerability scanners
- Solid understanding of AWS/Azure Cloud Architecture
- Experience with TryHackMe, HackTheBox, or other cybersecurity training platforms
CERTIFICATIONS
- Current A+, Network+, Security+, CySA+, OSCP, or other related certification
SKILLS
- Strong attention to detail to identify scan issues
- Ability to organize and multitask, as many projects will be running at once
- Excellent written and verbal communication skills
- Ability to meet deadlines with a high degree of motivation
- Ability to work individually as well as collaboratively
- Knowledge of nmap and other penetration testing tools
BENEFITS
- Employer Paid Health, Vision, Dental
- 401(k) Plan with Employer Matching
- Competitive Bonus Structure
- Employer Paid Life Insurance and Disability Insurance
- Generous Paid Time Off Plan
- Virtual Employment
- Home Office Reimbursement
- Vacation Bonus
- Paid Office Closure December 24-January 1
- Paid Holidays Schedule
- Certification Reimbursement
- Flu Shot Reimbursement
- TSA Precheck Reimbursement
ABOUT A-LIGN
A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,400 global organizations to confidently mitigate cybersecurity risks. We work with organizations ranging from small businesses to global enterprises, with services spanning SOC, Penetration Testing, PCI DSS, HITRUST, ISO and privacy compliance. Our proprietary compliance management platform is transforming the compliance experience by enabling an anytime, anywhere approach to audits. For more information, visit www.A-LIGN.com.