The Role
The role involves leading threat and vulnerability assessments, developing management programs, conducting scans, collaborating with teams, and providing intelligence insights.
Summary Generated by Built In
We are seeking a highly skilled Threat and Vulnerability Management (TVM) Expert to join our Cybersecurity Advisory team. This role will focus on helping clients identify, assess, and remediate vulnerabilities across their IT and cloud environments. The ideal candidate will bring deep technical expertise, a strategic mindset, and strong consulting experience to deliver tailored TVM solutions.
Technical and Domain Experience:
· Lead threat and vulnerability assessments across client environments (on-prem, cloud, hybrid).
· Develop and implement vulnerability management programs aligned with industry standards (e.g., NIST, CIS, ISO 27001).
· Conduct regular scans using tools such as Tenable, Qualys, Rapid7, and Microsoft Defender.
· Analyze scan results, prioritize findings based on risk, and guide remediation efforts.
· Collaborate with client IT and security teams to improve patch management and configuration hygiene.
· Provide threat intelligence insights to contextualize vulnerabilities and emerging risks.
· Support compliance initiatives (e.g., SOX, HIPAA, PCI-DSS) through vulnerability reporting and documentation.
· Deliver executive-level reporting and dashboards to communicate risk posture and progress.
· Stay current with evolving threat landscapes, CVEs, and vulnerability trends.
Soft Skills:
· Strong interpersonal and communication skills; experience with cross-cultural communications.
· Agile and flexible, capable of dealing with ambiguity, and confront challenges and opportunities with speed, endurance and decisiveness.
Qualifications and Certifications:
· Bachelor’s degree in Cybersecurity, Information Technology, or related field; Master’s preferred.
· Five plus years of experience in cybersecurity, with a focus on threat and vulnerability management.
· Hands-on experience with vulnerability scanning tools and SIEM platforms.
· Strong understanding of CVSS scoring, exploitability, and risk prioritization.
· Familiarity with cloud platforms (AWS, Azure, GCP) and container security.
· Relevant certifications (e.g., CISSP, CEH, CompTIA Security+, GIAC GCIH or GSEC).
· Excellent communication and client-facing skills.
· Experience in a consulting or advisory role is highly desirable.
Top Skills
AWS
Azure
GCP
Microsoft Defender
Qualys
Rapid7
Tenable
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
CFGI is a unique and highly specialized financial consulting firm that is strategically positioned to help companies through a range of routine and complex business scenarios. As an extension of your corporate finance team, CFGI works alongside your internal staff, serving in a variety of roles – from technical accounting advisor to M&A support to Controller or CFO – and delivering seamless support services. Our key areas of expertise include:
» Technical Consulting
» Interim Management
» Corporate Tax
» Private Equity Services
» Valuation
» Robotic Process Automation (RPA)
