The Role
About Coalfire
Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world.
But that’s not who we are – that’s just what we do.
We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference.
Position Summary
We’re looking for a continuous monitoring engineer to work on our vulnerability management processes, driving compliance and security in cloud-based environments. If you’re driven by a desire to innovate, excel at operational excellence, and thrive in a collaborative environment, come be part of a team committed to making the world a safer place.
What You'll Do
- Support and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches
- Run regular and on-demand scans across operating systems, databases, web applications, and containers, then work with technical teams (for example, SRE and client administrators) to create tickets for remediation
- Track and document vendor dependencies, operational requirements, and open vulnerabilities on a monthly basis, producing clear reports and updates for clients
- Provide risk-based recommendations to address identified vulnerabilities, aligning remediation efforts with compliance obligations
- Collaborate with cross-functional technical teams to integrate vulnerability management processes within cloud environments (AWS, Azure, GCP)
- Contribute to improving internal standards and processes, including maintaining documentation, training materials, and standard operating procedures
- Participate in security assessment and authorization activities, ensuring alignment with frameworks such as FedRAMP, HITRUST, PCI, or similar
What You'll Bring
- 3–5 years of professional experience in vulnerability management, compliance monitoring, or related security operations roles
- Hands-on expertise with operating system, database, network, container, web application, and API vulnerability management
- Direct experience supporting vulnerability management in at least two of the following cloud providers: AWS, Azure, GCP
- Background working within at least one compliance framework (for example, FedRAMP, HITRUST, PCI), including risk assessment and reporting
- Experience delivering monthly or periodic vulnerability status reports and tracking remediation efforts with internal and external teams
- Basic administrative understanding of AWS, Azure, or GCP
- Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS)
- Effective communication, organizational, and documentation skills, with an emphasis on providing timely updates and clear reports to clients
- Ability to work efficiently with technical teams to investigate, prioritize, and remediate vulnerabilities
- Proficiency in scripting languages such as Python or PowerShell for task automation
- Familiarity with defining baseline configuration standards (for example, CIS Benchmarks) and reporting on compliance posture
Bonus Points
- Administrator-level certification in AWS, Azure, or GCP
- Security-focused cloud certifications for AWS, Azure, or GCP
- Security+
- CISSP
Why You’ll Want to Join Us
At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office.
Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in-person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.
At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team at [email protected].
Similar Jobs
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Coalfire is the cybersecurity advisor that helps private and public sector organizations avert threats, close gaps, and effectively manage risk. By providing independent and tailored advice, assessments, technical testing, and cyber engineering services, we help clients develop scalable programs that improve their security posture, achieve their business objectives, and fuel their continued success. Coalfire has been a cybersecurity thought leader for more than 20 years and has offices throughout the United States and Europe.
