Vulnerability Remediation Technician at Cyberlogic

PURPOSE OF POSITION:

• The Vulnerability Remediation technician will be tasked with remediating vulnerabilities on clients’ systems. This includes vulnerability remediation planning, patching and manual remediation actions. They will be required to analyse and assess the impact of remediation on various systems and environments. A member in this role will need to have to ability to take ownership of items, lead the support of their items, apply expertise and knowledge, conduct deep analysis, and write/present reports.

KEY PERFORMANCE AREAS

• Understanding the impact of vulnerability remediation actions.
• Coordination of patch schedules.
• Developing remediation plans.
• Create remediation scripts.
• Test remediation actions.
• Analyse Vulnerability Metrics.
• Action remediation plans.

RESPONSIBILITIES

• Researching the vulnerability, the affected system and remediation actions to understand the impact of the vulnerability and its fix.
• Coordinate client patch schedules for their workstations and servers. Ensuring that patches for servers take place in line with Backup schedules which are managed by different teams.
• Create and document remediation plans and action steps which can be handed over to various entities to remediate vulnerabilities.
• Create scripts which can be deployed to remediate vulnerabilities via Command Prompt, Terminal, or PowerShell.
• Conduct testing of high risk or unfamiliar remediation actions in a test environment.
• Analyse vulnerability data and metrics in order to understand the client’s vulnerability landscape as well as to plan and execute vulnerability remediation efforts.
• Practically implementing vulnerability remediation plans on client devices.

QUALIFICATIONS AND EXPERIENCE

• 3+ years working in-depth with IT systems, processes, and capabilities.
• Has a fundamental understanding of security principles.
• Has experience and is knowledgeable about Vulnerability Management.
• Has hands on experiences with patch management.
• Experience with using remote management software.
• Has scripting experience.
• Can communicate technical items to a non-technical audience.
• CompTIA Security+ certification is required as a minimum.
• Qualys Certified Specialists certifications are desired.
• MCP, MCITP or relevant Microsoft certification is required.
• Professional Microsoft Windows understanding surrounding fundamental functions, the registry, and security related considerations is required.
• Professional Linux understanding surrounding installs, upgrades, updates, and security related considerations is desired.
• You may be required to travel to clients or our other offices. Own vehicle and a valid driver’s license is required.