Security Vulnerability Engineer – Windows

DescriptionThe Security Vulnerability Engineer will provide critical support in identifying, analyzing, and remediating vulnerabilities across an infrastructure consisting of over 2000 Windows servers. This will include analyzing reports from multiple streams and sources as well as remediating and assigning to other members of the team when needed. This position requires a mixture of engineering, operations, hands-on technical, and support skills. Qualified candidates should have excellent troubleshooting and analytical skills. The individual will work closely with technical leads, infrastructure and operations teams, and other cross-department teams to evaluate business needs and provide end-to-end technical solutions and manage, operate, monitor, audit, and secure server assets.The position will provide Windows engineering support and will be responsible for building, patching, and troubleshooting Windows servers in support of current and future DOT systems and applications. This candidate will be working with a team of server engineers to troubleshoot issues for multiple systems in multiple datacenter locations. The candidate will provide support, implementation, and design services for Windows-based systems across the enterprise. The candidate will be responsible for resolving and completing assigned tasks and change requests and will act as an escalation for support issues.Job Duties:This position requires a minimum 2x/week onsite.Once every 2-3 months support server infrastructure in a 24x7 on-call escalation capacity as part of a team rotation.Performs security hardening, patching, and server certificate updates.Run system scans and analyze reports on system vulnerabilities on over 2000 Windows servers in the enterprise.Maintain and update environmental documentation, standard operating procedures, and engineering documentation.Provide support to system administrators to resolve issues when required and provide support in response to outages including conducting root cause analysis.Recognize and escalate risks, issues, and concerns when necessary.Analyze vulnerability reports and identify areas of responsibility for remediation.Resolve known exploited vulnerabilities, prioritizing critical and high vulnerabilities.Facilitate coordination of vulnerability remediations across the team.Develop and provide recommendations and remediations for vulnerabilities.Harden Windows OS with secure versions of Transport Layer Security (TLS) and cipher suites according to NIST policy.Assist Security Operations personnel in developing Plan of Action & Milestones (POAMs) for vulnerabilities requiring long-lead time resolve.Work closely with the SCCM/Deployment team to perform routine and bulk patching as well as reporting.Provide on-call support and manage ticket queue.Demonstrate a strong appetite to learn and translate evolving threats into real-world recommendations.Demonstrate strong knowledge of vulnerability management tools such as Tenable Nessus, Qualys WAS, Inviciti, and BigFix.Have a solid understanding of IPV4 and IPV6 networking.QualificationsExperience: Must have a minimum of 10 years of experience administrating and managing servers and systems, cloud infrastructure, file and print environments, specializing in Windows operating systems. Must have advanced knowledge of Microsoft Active Directory and SQL Server. Must possess a Microsoft Certified Solutions Expert (MCSE) - Server Infrastructure or equivalent.Required Knowledge, Skills and AbilitiesExpert-level knowledge of Windows OS-based computer devices (Windows 10, Windows 11).Demonstrate expert knowledge of Windows OS to include W2K12R2, W2K16, W2k19, W2k22.Expert knowledge and troubleshooting skills to resolve failed update installations in Windows OS.Expert knowledge of AD Group policy and applying security posture via GPOs.Strong knowledge of System Center Configuration Manager (SCCM).Experience with performing root cause analysis, risk identification, and risk mitigation.Understanding of FIPS 140-3 or cryptographic modules and how they are used.Must be a self-starter with strong problem-solving and communication skills.Strong knowledge of NIST-800 framework and security guidelines for Windows servers and clients including DISA STIG.Strong knowledge of CIS Benchmark guidelines for Microsoft Windows servers.Experience with scripting tools such as PowerShell, Azure CLI, AWS CLI, Python, and VBScript.Experience with Nessus Tenable scanning tools and reporting.Expert-level experience with MS Office tools such as Excel, PowerPoint, Visio, Word.Experience with installing hardware drivers, firmware, BIOS, and other hardware upgrades for Dell servers.Demonstrate knowledge of common ports and protocols used by Windows servers and clients.PreferredSecurity certification(s) highly preferred such as Security+, CISSP, CASP+, CISA, CISM etc.Experience with Linux/Ansible, and/or Unix are a plus.Experience with Dell Open Manage Enterprise is a plus.Experience with PowerBI is a plus.Experience with Microsoft Intune is a plus.Note: Candidate must be a U.S. citizen or green card holder who has resided in the U.S. for at least 3 years and has the ability to obtain a public trust.

#J-18808-Ljbffr