2

Remote Vulnerability Scanning Jobs in Tennessee (NOW HIRING)

... vulnerability scan remediation support. • Help automate evidence exports / reporting inputs where ... Remote-first; occasional on-site support only when customer environment requires it (rare). • No ...

Remote Vulnerability Scanning information

What is remote vulnerability scanning?

Remote vulnerability scanning is the process of evaluating a computer system, network, or application from a remote location to identify security weaknesses and potential vulnerabilities that could be exploited by attackers. This type of scanning is performed over a network, without needing physical access to the target environment. It helps organizations detect security flaws, misconfigurations, and outdated software remotely, allowing them to address risks proactively. Remote vulnerability scanning is a crucial part of maintaining a strong cybersecurity posture, especially for businesses with distributed or cloud-based assets.

What are the key skills and qualifications needed to thrive as a Remote Vulnerability Scanning Specialist, and why are they important?

To thrive as a Remote Vulnerability Scanning Specialist, you need a solid understanding of networking, cybersecurity principles, and vulnerability management, often supported by a degree in computer science or a related field. Familiarity with tools like Nessus, OpenVAS, Qualys, and relevant certifications such as CompTIA Security+ or CEH are commonly required. Strong analytical thinking, attention to detail, and effective communication are key soft skills for identifying issues and reporting findings to technical and non-technical stakeholders. These skills and qualifications are critical to proactively identifying security weaknesses and helping organizations mitigate cyber risks.

What are the typical challenges faced when performing remote vulnerability scanning, and how can they be addressed?

One common challenge in remote vulnerability scanning is accurately identifying vulnerabilities without causing disruptions to the target systems, as aggressive scans can sometimes impact network performance or trigger security defenses. Additionally, remote scanners may face difficulties in detecting vulnerabilities behind firewalls or in segmented networks. To address these issues, it is important to coordinate scans with IT teams, schedule scans during low-traffic periods, and use authenticated scanning methods when possible. Effective communication and thorough documentation also help ensure that findings are actionable and that scanning activities align with organizational security policies.

What is the difference between Remote Vulnerability Scanning vs Network Security Analyst?

AspectRemote Vulnerability ScanningNetwork Security Analyst
Primary RoleIdentify security weaknesses through automated scansMonitor, analyze, and respond to security threats
Tools & CertificationsVulnerability scanners, certifications like CompTIA Security+SIEM tools, certifications like CISSP or CEH
Work EnvironmentRemote or on-site, focused on scanning toolsTypically on-site or hybrid, involving analysis and incident response

Remote Vulnerability Scanning focuses on automated detection of security flaws, while Network Security Analysts interpret these findings and handle security incidents. Both roles require cybersecurity knowledge and certifications, but their daily tasks and responsibilities differ significantly.

What are the most commonly searched types of Vulnerability Scanning jobs in Tennessee? The most popular types of Vulnerability Scanning jobs in Tennessee are:
What are popular job titles related to Remote Vulnerability Scanning jobs in Tennessee? For Remote Vulnerability Scanning jobs in Tennessee, the most frequently searched job titles are:
What job categories do people searching Remote Vulnerability Scanning jobs in Tennessee look for? The top searched job categories for Remote Vulnerability Scanning jobs in Tennessee are:
What cities in Tennessee are hiring for Remote Vulnerability Scanning jobs? Cities in Tennessee with the most Remote Vulnerability Scanning job openings:

Cloud Security Engineer

C2 Labs, Inc.

Knoxville, TN • Remote

Contractor

Posted 3 days ago


Job description

C2 Labs is hiring a Security Engineer (Cloud Security Engineer) to support FedRAMP authorization acceleration and ongoing ConMon for defense-focused startups and companies deploying production workloads on Azure Government. You’ll implement security controls, build repeatable evidence pipelines, and help make ConMon feel like an operational routine—not a monthly fire drill.

What you’ll do

• Implement and tune cloud security controls (IAM, logging, vulnerability management, configuration baselines, incident readiness).

• Configure security tooling and integrations to produce repeatable evidence for authorization and ConMon.

• Support remediation and hardening workstreams, including vulnerability scan remediation support.

• Help automate evidence exports / reporting inputs where feasible and keep operations sustainable post-authorization.

Role summary

Implement and operationalize technical security controls in customer cloud environments and build the telemetry/evidence pipelines that support FedRAMP 20X validation and ongoing ConMon. This role partners closely with the Cloud Architect and the technical writing team to ensure controls are not only implemented—but continuously evidenced.

Key responsibilities

• Implement and tune cloud security controls aligned to FedRAMP expectations (identity, logging, vulnerability management, configuration baselines, incident readiness).

• Configure security tooling and integrations that generate repeatable evidence (e.g., vulnerability scanners, CSPM, SIEM/log aggregation, ticketing workflows).

• Support vulnerability remediation and hardening activities (secure configurations, patching workflows, baseline images, configuration drift management).

• Design and document evidence-producing processes and runbooks (what is collected, how, by whom, and on what cadence).

• Support ongoing ConMon operations by producing/validating technical evidence inputs and assisting with POA&M remediation tracking.

• Partner with writers to ensure technical narratives are accurate and match what is deployed; support assessor/sponsor technical Q&A as needed.

• Where feasible, develop lightweight automation (scripts/APIs) to export evidence artifacts for GRC ingestion and reporting.

Key deliverables / outputs

• Configured security tooling and evidence outputs aligned to controls/KSIs.

Hardening/remediation recommendations and implementation support (with documented changes).

• Runbooks and operational procedures for evidence generation and validation cadence.

• Technical evidence inputs for ConMon cycles (e.g., scan outputs, logging configurations, control state reports).

Required qualifications

• 5+ years security engineering experience, including cloud security implementation and operations.

• Hands-on experience with vulnerability management and secure configuration practices.

• Working familiarity with cloud logging/monitoring, IAM guardrails, encryption/key management, and incident response readiness.

• Comfort scripting/automation (PowerShell, Python, bash) and working with APIs/integrations.

• Ability to communicate technical findings clearly to non-engineers and support audit/assessment discussions.

Preferred / nice to have

• Bachelor’s degree in Computer Science, Engineering, IT, or related field

• Azure security experience (Defender for Cloud, Sentinel/Log Analytics, Azure Policy, PIM) and/or Azure Government experience.

• Experience supporting NIST 800-53 / FedRAMP assessments, remediation, or ConMon deliverables.

• Security+ / AZ-500 / CISSP or similar certifications.

• Experience integrating evidence into GRC platforms (RegScale preferred).

Tools & environment

• Cloud security tooling (customer-specific): vulnerability scanner, CSPM, SIEM/log pipeline, ticketing workflows

• IaC and CI/CD tooling (Terraform/Bicep; GitHub Actions/Azure DevOps as applicable)

• RegScale (linking technical evidence to controls/KSIs and ConMon cadence)

Engagement details

• 1099 independent contractor (initial engagement); project-based with potential extension into ConMon operations.

• Remote-first; occasional on-site support only when customer environment requires it (rare).

• No clearance required; must be able to pass a standard background check and sign NDA/SOW.

• Work is typically in Azure Government environments supporting FedRAMP 20X and/or legacy packages.

EEO Statement

We are an equal opportunity employer. All qualified applicants will be considered without discrimination based on race, color, religion, sex, national origin, age, disability, or protected veteran status. Employment offers will be contingent on passing a pre-employment drug screen.

Practical AI Application

  • Applies AI tools to streamline workflows, enhance decision-making, and improve outcomes
  • Understands the strengths and limitations of AI systems and exercises sound judgment in their use
  • Continuously explores new AI capabilities and integrates them into day-to-day work where appropriate
  • Uses AI in alignment with company and customer-specific policies, data privacy standards, and ethical guidelines
  • Exercises discretion when using AI with sensitive or proprietary information
  • Demonstrates awareness of bias, accuracy, and risk considerations when leveraging AI tools