Vulnerability Remediation/ SCCM Engineer

Job Description:

Who are we looking for? Looking for VA remediation candidates with minimum of total 7+ years of experience in conducting vulnerability assessment and remediation against windows as part of a team. Should be able to serve as a trusted advisor in helping customers with relevant decisions based on the findings of the reports and dashboards. 

Roles and Responsibilities

• Work as part of the team for vulnerability remediation in an enterprise environment. 
• To perform detailed analysis and troubleshooting of VA report received and identifying vulnerabilities from tools (Qualys) 
• Coordinate with architects, business and application owners, value steam to plan and remediate vulnerabilities.
• Interact and closely work with Information Security teams and Application support teams to identify and implement vulnerability remediation.
• Coordinate with 3rd line support team, external suppliers, etc. for planning and scheduling remediation.
• Create daily weekly and monthly reports for relevant stakeholders. 
• Ability to recommend and implement Windows Hardening on workstations and servers.
• Own the Windows Patching either internal SCCM or WSUS for Business.

Skills: 

• Must have 7+ years of experience in VA remediation.
• Expert in Windows Server and client Operating System (Win Server 2016, Win Server 2019, Windows 10, 11 )
• Experience in Linux operating systems (preferred)
• Expert in VMware technologies
• Expert in using centralized patch management solution such as SCCM, WSUS, Patch My PC etc. 
• Good experience in Active Directory and Group Policies and other Windows-specific technologies
• Familiarity with vulnerability management processes, tools, and frameworks, such as CVE, CVSS, and Common Vulnerability Scoring System (CVSS).
• Experience in remediating Webserver, office application, snmp, db, nfs, proxy, FTP, dns and bind,Java, VMware ,Linux etc related vulnerabilities.
• Proficiency in vulnerability scanning tools such as Qualys.
• Familiarity with firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Experience in Certificate management
• Knowledge of network protocols, network analysis tools, and network security methodologies.
• Good understanding of common vulnerabilities and exploits, and the ability to explain these risks to business and IT stakeholders.
• Good behavioral skills and ability to co-ordinate with stake holders to prepare and drive remediation schedule.
• Experience in MS excel, PowerPoint, MS Word with good written & verbal and presentation skills
• Understanding on Security Exception management process
• Good knowledge in using ITIL tools such as ServiceNow, BMC Remedy and experience in ITIL processes.
• ITIL Foundation Certified is desirable.
• Excellent verbal and written communication skills (English) and experience in working in multi-cultural environment.
• Familiarity with security standards and frameworks such as NIST, CIS, and ISO 27001.

Qualifications: 

• Bachelor's degree or higher from an accredited college/university and 7+ Years of relevant work experience
• AZ 500 and MS 500 Certification will be added advantage.
• Relevant certifications such as Microsoft Certified: Azure Administrator Associate, Microsoft Certified: Windows Server, or Certified Ethical Hacker (CEH) are desirable.