Vulnerability Analyst

Coalfire

About Coalfire

Coalfire is on a mission to make the world a safer place by solving our clients’ hardest cybersecurity challenges. We work at the cutting edge of technology to advise, assess, automate, and ultimately help companies navigate the ever‑changing cybersecurity landscape. We are headquartered in Chicago, Illinois with offices across the U.S. and U.K., and we support clients around the world. But that’s not who we are – that’s just what we do. We are thought leaders, consultants, and cybersecurity experts, but above all else, we are a team of passionate problem‑solvers who are hungry to learn, grow, and make a difference.

What You’ll Do

  • Manage Plan of Action & Milestones (POA&Ms) lifecycle including creation, tracking, risk adjustment justification, and deviation requests in coordination with 3PAO assessors and federal stakeholders
  • Collect, organize, and maintain security control evidence and artifacts for monthly continuous monitoring deliverables and assessment/authorization activities, ensuring alignment with FedRAMP, HITRUST, PCI, and similar frameworks
  • Maintain accurate system inventory and authorization boundary documentation to ensure scanning scope aligns with approved system boundaries
  • Analyze scan results for false positives, document justifications, and prepare deviation requests with supporting risk assessments
  • Translate technical vulnerability findings into risk‑based language for federal clients and authorization officials, presenting monthly status briefings as needed
  • Collaborate with development, SRE, and infrastructure teams to integrate vulnerability management into CI/CD pipelines, cloud environments (AWS, Azure, GCP), and container/Kubernetes platforms
  • Participate in change‑management processes to ensure continuous monitoring activities align with system changes and maintain compliance posture
  • Support and maintain enterprise vulnerability management tools (such as Tenable, Nessus, Burp, Qualys, Rapid7, Wiz, Prisma, Microsoft Defender), ensuring timely updates and patches
  • Run regular and on‑demand scans across operating systems, databases, web applications, and containers, then work with technical teams to create tickets for remediation
  • Track and document vendor dependencies, operational requirements, and open vulnerabilities, producing clear monthly reports and updates for clients
  • Contribute to improving internal standards and processes, including maintaining documentation, training materials, and standard operating procedures

What You’ll Bring

  • 3–5 years of professional experience in vulnerability management, compliance monitoring, or related security operations roles
  • Hands‑on expertise with operating system, database, network, container, web application, and API vulnerability management
  • Direct experience supporting vulnerability management in at least two of the following cloud providers: AWS, Azure, GCP
  • Background working within at least one compliance framework (for example, FedRAMP, HITRUST, PCI), including risk assessment and reporting
  • Experience delivering monthly or periodic vulnerability status reports and tracking remediation efforts with internal and external teams
  • Administrator‑level certification in AWS, Azure, or GCP
  • Working knowledge of cloud architecture and security controls in AWS, Azure, or GCP, including ability to assess attack surfaces and recommend cloud‑native remediation approaches
  • Strong knowledge of vulnerability scanning technologies and methods, including scoring systems (CVSS, CMSS) and risk prioritization frameworks
  • Understanding of NIST 800‑53 security controls, particularly RA‑5, SI‑2, CM‑6, and how continuous monitoring supports control implementation
  • Experience with STIG benchmarks and automated compliance scanning tools (SCAP, SCC)
  • Familiarity with baseline configuration standards (CIS Benchmarks, vendor hardening guides) and compliance posture reporting
  • Ability to distinguish false positives from true vulnerabilities and articulate risk‑based justifications for deviation requests
  • Proficiency in scripting languages (Python, PowerShell, Bash) for task automation, report generation, and remediation workflows
  • Strong client‑facing communication and documentation skills, with ability to present technical findings to federal stakeholders and produce timely compliance reports
  • Ability to work efficiently with cross‑functional technical teams to investigate, prioritize, and coordinate vulnerability remediation efforts
  • Bachelor’s degree or equivalent work experience.
  • US citizenship (required due to client contractual requirements)

Bonus Points

  • Security‑focused cloud certifications for AWS, Azure, or GCP
  • CISSP certification
  • Familiarity with container security scanning tools (Trivy, Anchore, Snyk) and Kubernetes security postures
  • Knowledge of software composition analysis (SCA) and static/dynamic application security testing (SAST/DAST) tools
  • Familiarity with CI/CD security integration patterns and DevSecOps toolchains

Why You’ll Want to Join Us

At Coalfire, you’ll find the support you need to thrive personally and professionally. In many cases, we provide a flexible work model that empowers you to choose when and where you’ll work most effectively – whether you’re at home or an office. Regardless of location, you’ll experience a company that prioritizes connection and wellbeing and be part of a team where people care about each other and our communities. You’ll have opportunities to join employee resource groups, participate in in‑person and virtual events, and more. And you’ll enjoy competitive perks and benefits to support you and your family, like paid parental leave, flexible time off, certification and training reimbursement, digital mental health and wellbeing support membership, and comprehensive insurance options.

At Coalfire, equal opportunity and pay equity is integral to the way we do business. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran. Coalfire is committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, its services, programs, and activities. To request reasonable accommodation to participate in the job application or interview process, contact our Human Resources team.

Vacancy posted 17 hours ago