Cloud Security and Vulnerability Management Consultant

This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for a Cloud Security and Vulnerability Management Consultant based in the United States.

This role sits at the intersection of cloud security, risk advisory, and hands-on technical consulting, supporting organizations in strengthening the security of their cloud and hybrid environments. You will work directly with enterprise and government clients to assess security posture, identify misconfigurations, and uncover vulnerabilities across AWS, Azure, and Microsoft 365 ecosystems. The position combines deep technical analysis with client-facing advisory work, translating complex security findings into clear, actionable remediation plans. You will also contribute to vulnerability management programs, including scanning platform deployment, tuning, and ongoing optimization. In addition, you’ll help design and improve automation-driven assessment tooling and cloud security frameworks. This is a fast-paced, highly collaborative consulting environment where ownership, curiosity, and technical depth directly shape client outcomes.

• Deliver cloud security posture assessments across AWS, Azure, and Microsoft 365 environments, evaluating alignment with CIS Benchmarks, SOC2, PCI-DSS, NIST, and best practices
• Identify misconfigurations, vulnerabilities, and exposure risks using cloud-native tools, custom frameworks, and security assessment platforms
• Conduct cloud resource inventory analysis and prioritize findings based on risk and business impact, providing clear remediation guidance
• Support vulnerability management programs, including deployment, configuration, and tuning of scanning platforms in client environments
• Analyze vulnerability scan results, apply severity frameworks (e.g., CVSS), and guide remediation planning and prioritization
• Lead and support client-facing engagements including workshops, interviews, and presentation of findings and remediation roadmaps
• Contribute to automation, scripting, and development of cloud security assessment tooling and reporting capabilities

Requirements:

• 3–5 years of experience in cloud security, vulnerability management, security consulting, or a related technical security role
• Hands-on experience with AWS (preferred), Azure, or Microsoft 365 security environments
• Strong understanding of cloud security posture management (CSPM) concepts and security assessment methodologies
• Familiarity with compliance frameworks such as CIS Benchmarks, SOC2, PCI-DSS, and NIST
• Experience with vulnerability management concepts, including severity scoring, risk prioritization, and remediation planning
• Strong communication skills with the ability to translate technical risks for both technical and executive audiences
• Proficiency in Python and Git, with experience in automation or scripting for security workflows
• Familiarity with AI-assisted development or automation tools (e.g., GitHub Copilot, Power Automate, Copilot Studio) is a plus
• Certifications such as AWS, Azure, CISSP, or equivalent are valued but not required

Benefits:

• Competitive salary based on location and experience ($67,703 – $99,297 depending on region)
• Fully remote work flexibility within the United States
• Comprehensive health, life, and voluntary benefits package
• Short-term and long-term incentive opportunities (including bonus structures)
• Travel, learning, and professional development opportunities
• Exposure to cutting-edge cloud and AI-driven security technologies
• Collaborative, high-impact consulting environment with ownership of end-to-end outcomes