Senior Security Consultant

Summary

Join GuidePoint Security as a Senior Security Consultant and become part of a rapidly growing, successful team of knowledgeable technologists. You will be involved in the entire professional services lifecycle, from pre-sales to delivery, working with leading organizations. This role requires expertise in vulnerability management, risk assessment, and security technologies. You will need strong communication skills and a passion for customer service. GuidePoint offers a remote-first work environment, excellent benefits including fully paid medical and dental premiums, flexible time off, and a retirement plan.

Requirements

• Have experience with the entire vulnerability management lifecycle
• Have experience with Qualys, Tenable, or Rapid7 (deployment experience a plus)
• Possess an understanding of operating systems such as Windows Server, Windows 10/7, Mac OSX, RHEL, and Ubuntu Linux and the ability to perform basic functions at the CLI
• Possess an understanding of networking concepts, protocols and detailed knowledge of how networks function
• Have a strong understanding of systems design and implementation
• Have an understanding of how and why vulnerabilities exist and are exploited
• Have a working knowledge of Application Security and infrastructure-specific vulnerabilities such as those included in the OWASP Top 10 (SQL Injection, Cross-site Scripting, etc.)
• Possess strong written and verbal communication skills
• Have a strong desire to learn new technologies and contribute to a fast-growing company
• Possess a Bachelor's degree in Computer Science, Engineering, Information Systems/Security or related discipline

Responsibilities

• Assist with building and maintaining vulnerability management programs in large and complex environments
• Perform basic scripting tasks using BASH, PowerShell, Python, Perl, or other native scripting languages
• Interpret vulnerability scan results and build creative remediation strategies to remediate vulnerabilities
• Design compensating controls when technical fixes may not be feasible
• Understand and articulate complex vulnerability information to both technical and non-technical audiences
• Quantify the true risk of vulnerability findings given environmental and extenuating circumstances

Preferred Qualifications

• Have experience with Kenna Security, Nucleus, Brinqa or similar risk management tools
• Have experience with ServiceNow integrations
• Have experience with Microsoft VM tools
• Have experience with programming languages such as Python, Java, C, C++, C#, PHP, Ruby or .NET
• Have hands-on experience hardening systems to benchmarks such as CIS, NIST, etc
• Have experience with enterprise software deployment tools such as SSM, JAMF, BigFix, or Tanium
• Have familiarity with other Information Security tools such as Nessus, Kismet, Nmap, Burp, Netsparker, WebInspect, AppScan, Nexpose, Core Impact, Metasploit, etc

Benefits

• Remote workforce primarily (U.S. based only, some travel may be required for certain positions, working on-site may be required for Federal positions)
• 100% employer-paid medical premiums (employee only $0 deductible and HSA plans) along with 75% employer-paid family contributions
• 100% employer-paid dental premiums (employee only) along with 75% employer-paid family contributions
• 12 corporate holidays and a Flexible Time Off (FTO) program
• Healthy mobile phone and home internet allowance
• Eligibility for retirement plan after 2 months at open enrollment
• Pet Benefit Option