Sr. Consultant - Threat and Vulnerability Management & Remediation | Remote

This position will be fully remote and can be hired anywhere in the continental U.S

A Consultant on the Threat Vulnerability Management team serves as a technical advisor and possesses practical hands‑on experience in several areas of an organization’s security and information systems configuration and how they relate to asset tracking (attack surface), patch management, configuration management, vulnerability management, and remediation. The consultant should be capable of performing complex assessments and interviews with staff while maintaining a business focus on meeting client demands.

This position will work both independently and as part of a team to perform a number of Vulnerability Management and hands‑on remediation tasks to include:
Discovery of Vulnerabilities and Asset Ownership, Prioritization of Data and vulnerabilities, Remediation of vulnerabilities, and Verification through risk‑based analysis of findings.

• Assess an organization’s vulnerability management program through the use of automated tools and manual techniques to identify and verify how assets and vulnerabilities are tracked and remediated
• Provide tactical and strategic guidance and detailed remediation advice aimed at improving clients security posture
• Use creative approaches to triage, prioritize, define, and remediate vulnerabilities
• Assess Vulnerability Management programs including documented procedures, workflow from asset discovery through to remediation tracking.
• Create comprehensive assessment reports that clearly identify existing vulnerabilities, average time to remediation, compensating controls, work in progress, as well as roadmap for remediation for vulnerabilities.
• Interface with client personnel and technologies to gather information, clarify scope, and remediate vulnerabilities
• Execute projects using established methodology, tools and documentation
• Successfully implement changes within client environments to reduce their overall risk
• Perform other duties as assigned

• Bachelor's degree or approximately 5-7 years of related work experience.
• Approximately 4-7 years of experience performing Hands‑on Configuration changes and patching, Vulnerability Management Engineering, and Vulnerability Assessments.
• Experience with native and 3rd party patching tools (WSUS/SCCM/Ivanti/Solar Winds/JAMF/etc.)
• Experience with and Understanding of commercial and open source vulnerability scanning tools is required (e.g. Nessus/Tenable, Rapic7, Qualys, Burp, Nmap, etc.)
• Ability to combine multiple separate findings to identify complex blended vulnerabilities and attack chains
• Ability to identify, describe and report vulnerabilities and detailed remediation activities, to include clear demonstration of risk to clients
• Knowledge of Risk Based analysis tools (i.e. Kenna/Brina/etc.)
• Familiarity with scripting languages (Power Shell/Python/Bash/etc.)
• Deep understanding of different Operating Systems, network architectures, network devices, and software suites required (e.g. Linux, Windows, Cisco, Active Directory, GPO, etc.)
• Must be able to work well with customers and self-manage through difficult situations, focus on client satisfaction.
• Ability to convey complex technical security concepts to technical and non-technical audiences including executives
• Ability to work both independently as well as on teams to meet deadlines required.
• Bachelor’s Degree from a four‑year college or university in Information Assurance, Computer Science, Management Information Systems or related area of study preferred; related experience and/or training is required.
• CISSP and other industry certifications preferred

• A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups ().
• Work/life balance
• Professional training resources
• Creative problem‑solving and the ability to tackle unique, complex projects
• Volunteer Opportunities. “Optiv Chips In” encourages employees to volunteer and engage with their teams and communities.
• The ability and technology necessary to productively work remotely/from home (where applicable)

Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.