Exposure Intelligence – CTEM Consultant
Listed on 2026-07-03
-
IT/Tech
Job Title
Lead Consultant – Threat & Incident Response
OverviewThe CTEM Consultant of Platform & Exposure Operations is responsible for operating and scaling the Continuous Threat Exposure Management (CTEM) capability across the enterprise. This role owns the integrations, data pipelines, user experience, and reporting layer that enable exposure visibility and prioritization.
Success Measures- High-quality data coverage and accuracy across CTEM inputs.
- Increased adoption and usability of CTEM dashboards across teams.
- Improved signal‑to‑noise ratio in exposure prioritization.
- Reduction in manual effort through automation and integration.
- Measurable improvement in risk visibility and reporting consistency.
- Own and manage CTEM platforms and supporting tooling (e.g., exposure management, vulnerability correlation, attack path tools). Maintain platform health, configuration, and access controls.
- Manage user onboarding, permissions, and adoption across security and engineering teams.
- Design, build, and maintain integrations across vulnerability management tools, EDR/XDR platforms, cloud/security platforms (AWS, Azure, Entra, etc.), and application and asset inventories.
- Ensure data ingestion, normalization, and correlation across sources. Identify and resolve data quality gaps, duplication, and enrichment issues.
- Aggregate and correlate security findings into meaningful exposure insights. Maintain logic that supports exploitability‑based prioritization and continuously improve signal quality while reducing noise.
- Design and maintain CTEM dashboards and reporting views for different audiences: executive (risk and trends), engineering (actionable fixes), and security (coverage and effectiveness). Ensure reporting reflects real exposure, risk reduction progress, and SLA/MTTR performance.
- Partner with leadership (CISO, service managers) to align reporting with KPIs.
- Build and optimize workflows that connect CTEM insights to remediation execution. Automate prioritization, ticket creation, and tracking where possible to reduce manual effort in exposure triage and reporting.
- Serve as the bridge between CTEM data and execution teams (VM, App Sec, DFIR, Cloud Security).
- Enable teams to consume CTEM intelligence effectively through dashboards and integrations. Drive adoption and proper usage of CTEM capabilities.
Experienced platform or security tooling engineer with a background in managing security platforms, integrations, and data pipelines. Hands‑on experience with ingestion, normalization, dashboards, RBAC, and automation, and ability to translate raw data into accurate, actionable exposure intelligence erience with Zafran, Nagomi, or another CTEM tool is a big plus.
Required Qualifications- 3+ years in security engineering, exposure management, vulnerability management, or platform engineering.
- Experience integrating security tools and working with APIs/data pipelines.
- Strong understanding of how security data translates into risk and prioritization.
- Experience with CTEM platforms (e.g., Zafran, Nagomi, Pantera).
- Background in data engineering, automation, or scripting (Python, APIs).
- Familiarity with vulnerability management, asset inventory, and identity data.
- Experience building dashboards (Power BI, Tableau, or platform‑native).
- Skills:
Cyber Incident Response, Exposure Management, IT Security Operations, Python Automation, Root Cause Analysis, Threat Assessment, Threat Monitoring.
$ – $ annually, based on experience and qualifications.
Background Check RequirementCandidates offered this position will be required to submit to a background investigation.
Equal Employment OpportunityThis company is an equal‑opportunity employer that prohibits discrimination on the basis of protected characteristics, including ancestry, age, color, disability, genetic information, gender, gender identity, gender expression, sexual orientation, marital status, medical condition, military or veteran status, national origin, race, religion, sex, or sexual or reproductive health decision. The policy applies to all aspects of the employment relationship and prohibits discrimination in hiring, training, salary administration, promotion, job assignment, benefits, discipline, and separation of employment.
EEODisclaimers
For jobs in San Francisco, see the San Francisco Fair Chance Ordinance. For jobs in Los Angeles, see the Los Angeles Fair Chance Initiative for Hiring Ordinance.
FMLAFMLA information is available for employees on request.
#J-18808-Ljbffr(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).