Principal Security Consultant - Vulnerability Management focus
We pride ourselves on being a great place to work where our employees are our most important asset and great ideas count more than titles.
Proficio provides always-on cybersecurity protection services and is a global Managed Security Services Provider (MSSP) and leader in Managed Detection and Response (MDR). Our 24/7 security operations center (SOC) helps clients detect critical threats and rapidly respond to prevent the risk of a security breach.
We are changing the way organizations meet their IT security and compliance goals by providing the most advanced managed security services — without the cost and complexity of acquiring sophisticated software or operating your own SOC.
The Principal Security Consultant will be heavily focused on consultative security related services to customers under contract for our Vulnerability Management Program. The Consultant will create and oversee (as an active participant) our offering that runs vulnerability assessments to identify risk exposure in deployed system, policies, and procedures with a focus on identifying critical vulnerabilities on
client’s external, internal, and wireless networks.
- Work in conjunction with our Director of Product Management to create/upgrade methodology and documentation for our vulnerability management program.
- Plan and deliver full managed services for vulnerability assessments for our customers. This work includes establishing the scope of the program with the customer, getting Tenable.io installed and running assessments in the customer environment; regular twice weekly, weekly and/or monthly customer calls; and meeting with the customer quarterly (phone, video or in person) for full review of assessment findings and recommended remediation plans. Work scope to be established with consideration for customer network architecture, operational objectives, and current cybersecurity threat landscape.
- This role will work with our global Security Analyst team to provide training on tier 1 analysis of vulnerability assessment results.
- Performing the complex analysis required from Vulnerability Assessment results and combining this analysis with the work performed by our Security Analyst team, present information to customers in a cohesive plan that includes remediation recommendations and additional assessment program needs to improve customer security posture and minimize risk of compromise
- Additional resource responsibilities may include console management / Managed Detection and Response Services for Endpoint Protection Platforms including Palo Alto TRAPS
- As our service offerings expand, there are potential future services work in areas such as Forensic Response Management and Penetration Testing.
- 5+ years’ experience running vulnerability management assessments and creating remediation priorities for an enterprise level company
- 3+ years’ experience creating the vulnerability management plan and scope for enterprise level enterprises
- Experience across multiple vulnerability tools including products such as Qualys, Tenable.io (Nessus), and Rapid7
- SABSA certification highly desired
- Experience working for an MSSP/MDR highly desired with experience working for an enterprise level firm required if no MSSP/MDR experience
- Experience in a customer facing role with strong communication skills to support both phone and face to face interactions.
LOCATION & TRAVEL:
- Position is a remote US role or can sit in our San Diego SOC.
- Position is <10% travel to start, but may require 25-40% travel in the future
- Position will service customers throughout the US with potential work for customers around our other global SOCs located in Barcelona and Singapore
- Peer training and mentoring with upward mobility
- Medical, Dental and Vision health plans and other benefits from day 1
- 401K plan; gym reimbursement; Employee Assistance Program; and Life and Voluntary Life Insurance programs
- Regular company provided ProLunch, onsite Game Room, and fun employee activities and recognition programs
- A culture that is flat enough for you to have a “seat at the table”, but layered enough to provide you with mentoring and support
- A place to work where security is considered a “team sport” – we work together to identify and stop cyber attacks
- Strong support of several veteran organizations specifically military to civilian transition programs
- Relevant continuing education and certifications are fully budgeted for our teams