ConMon Engineer

Job not on LinkedIn

February 12

Apply Now

Receive Emails with Similar Jobs

Coalfire

WebsiteLinkedInAll Job Openings

Cybersecurity • Compliance • Enterprise

Coalfire is a cybersecurity services provider that helps businesses improve their security resilience and streamline regulatory compliance. The company offers expert-led services, including threat-focused cybersecurity programs, compliance automation, risk management, and security advisory services across various industries such as financial services, healthcare, retail, and technology. Coalfire is known for its hacker and defender expertise, and its platforms are designed to fortify clients' cyber resilience, reduce attack surfaces, and accelerate the achievement of compliance objectives like FedRAMP and HITRUST.

1001 - 5000 employees

Founded 2001

🔒 Cybersecurity

📋 Compliance

🏢 Enterprise

📋 Description

• Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. • We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever-changing cybersecurity landscape. • We are headquartered in Denver, Colorado with offices across the U.S. and U.K., and we support clients around the world. • We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem-solvers who are hungry to learn, grow, and make a difference. • We’re looking for a continuous monitoring engineer to work on our vulnerability management processes, driving compliance and security in cloud-based environments.

🎯 Requirements

• 3–5 years of professional experience in vulnerability management, compliance monitoring, or related security operations roles • Hands-on expertise with operating system, database, network, container, web application, and API vulnerability management • Direct experience supporting vulnerability management in at least two of the following cloud providers: AWS, Azure, GCP • Background working within at least one compliance framework (for example, FedRAMP, HITRUST, PCI), including risk assessment and reporting • Experience delivering monthly or periodic vulnerability status reports and tracking remediation efforts with internal and external teams • Basic administrative understanding of AWS, Azure, or GCP • Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) • Effective communication, organizational, and documentation skills, with an emphasis on providing timely updates and clear reports to clients • Ability to work efficiently with technical teams to investigate, prioritize, and remediate vulnerabilities • Proficiency in scripting languages such as Python or PowerShell for task automation • Familiarity with defining baseline configuration standards (for example, CIS Benchmarks) and reporting on compliance posture

🏖️ Benefits

• Paid parental leave • Flexible time off • Certification and training reimbursement • Digital mental health and wellbeing support membership • Comprehensive insurance options