Associate Security Consultant – Vulnerability Management

Role Overview

• Conduct day-to-day VMaaS activities, including vulnerability scanning, asset discovery, scan policy configuration, and reporting.
• Independently conduct Attack Surface Control (ASC) engagements for a variety of clients.
• Monitor automated penetration testing tooling to identify and validate security weaknesses.
• Perform validation of vulnerability findings to eliminate false positives and determine actual risk.
• Collaborate with the penetration testing team to conduct further deep-dive testing as needed.
• Perform assessment and threat modeling against industry best practices to identify control weaknesses.
• Perform root cause analysis on identified vulnerabilities and attack surface weaknesses to determine technical solutions to be presented to client along with recommendations for remediations.
• Assist in defining, measuring, and quantifying business risk and vulnerability impacts to clients and their stakeholders.

Requirements

• Completed Bachelor’s Degree in a related field or relevant work experience
• 1–3 years of hands-on penetration testing or vulnerability management experience
• Ability to travel to SHI, Partner, and client events
• Industry certifications preferred (e.g., CPTS, OSCP, PNPT, Security+, CySA+, or vendor-specific VM certifications.)
• Demonstrated understanding of legal/ethical considerations, testing authorization, and safe handling of client data.

Benefits

• medical
• vision
• dental
• 401K
• flexible spending