← Browse all jobs
P

Vulnerability Management Consultant

Procom
Toronto, OntarioOn-siteJun 5
Apply Now →

About this role

Vulnerability Management Consultant: On behalf of our consulting client, Procom is searching for a Vulnerability Management Consultant for a 6 month contract role. This position is a remote position located in Toronto, Ontario, Canada. Vulnerability Management Consultant - Job Description: We are seeking an experienced contractor to enhance its vulnerability management program and external attack surface management capabilities. This role involves managing the end-to-end vulnerability lifecycle and expanding external ASM visibility across the client’s global infrastructure. Vulnerability Management Consultant - Responsibilities: • Operate and maintain the client’s enterprise VM program across on-premise, cloud (AWS, Azure), and hybrid infrastructure • Configure and optimize scanning coverage, credentialing, and policy in the designated VM platform (Tenable, Qualys, or Rapid7) • Establish and enforce risk-based prioritization using CVSS, EPSS, CISA KEV status, and asset business criticality • Integrate VM findings with ServiceNow or equivalent ITSM for structured remediation assignment and tracking • Partner with IT, DevSecOps, and cloud infrastructure teams on remediation execution and patch validation • Conduct and maintain continuous external attack surface discovery across the client’s domain portfolio, IP ranges, cloud assets, and third-party infrastructure • Produce executive-ready reporting that translates technical findings into business risk language for CISO and VP-level audiences Vulnerability Management Consultant - Mandatory Skills: • 5+ years of hands-on vulnerability management experience in enterprise environments (2,000+ managed assets) • Deep proficiency in at least one enterprise VM platform: Tenable.sc / Tenable.io, Qualys VMDR, or Rapid7 InsightVM • Demonstrated ASM experience — external discovery, shadow IT identification, and exposure prioritization • Strong command of vulnerability prioritization: CVSS v3/v4, EPSS, CISA KEV, and threat-context scoring • Cloud security scanning experience across AWS, Azure, or GCP • Experience integrating VM workflows with ServiceNow, Jira, or equivalent ITSM platforms • Ability to produce executive-quality posture reports and present findings to CISO-level stakeholders Vulnerability Management Consultant – Nice-to-Have Skills: • Relevant certifications: GPEN, GEVA, CISM, CISSP, Tenable Certified, or Qualys Certified Specialist • Experience with product security or OT/IoT vulnerability management in a hardware-adjacent environment • Familiarity with ASM platforms: Censys ASM, Cortex Xpanse, Runzero, or Axonius • Scripting capability in Python or Bash for scan automation, API integrations, and report generation • Consulting or MSSP background Vulnerability Management Consultant – Assignment Length: This is a 6 month contract position. Vulnerability Management Consultant - Start Date: ASAP. Vulnerability Management Consultant - Assignment Location: Remote position located in Toronto, Ontario, Canada.
Want to see how well you match this job?
Get AI-scored for free →