Jobs
U

Windows Vulnerability Remediation Engineer

USTRemote1d ago
RemoteFull-timevia indeed

Required Skills

azure

Job Description

  • *Role description**

We are seeking a highly skilled **Windows Vulnerability Remediation Engineer** to join our Cybersecurity and Infrastructure team. In this role, you will be responsible for identifying, analyzing, prioritizing, remediating, and validating security vulnerabilities across enterprise Windows server environments. You will work closely with Infrastructure, Security Operations, Endpoint Management, and Application teams to ensure timely remediation of vulnerabilities while maintaining system stability, compliance, and business continuity.

The ideal candidate will have strong expertise in Windows Server administration, enterprise patch management, vulnerability management platforms, PowerShell automation, and Microsoft security technologies.

Key Responsibilities

### **Vulnerability Management**

  • Analyze and remediate vulnerabilities identified through **Qualys, Tanium, Microsoft Defender Vulnerability Management (MDVM),** or similar vulnerability assessment tools.
  • Prioritize remediation activities based on:

+ CVSS Scores

+ Exploitability

+ Threat Intelligence

+ Business Criticality

  • Validate vulnerability findings and identify false positives.
  • Coordinate with application and infrastructure teams to drive remediation through closure.
  • Manage vulnerability exceptions and document risk acceptance where required.

### **Windows Patch Management**

* Manage patching and remediation across

+ Windows Server 2012 / 2016 / 2019 / 2022

+ VMware ESXi Hosts

* Perform

+ Monthly Patch Tuesday deployments

+ Emergency and out\-of\-band patching

+ Zero\-day vulnerability remediation

+ Patch testing and validation

+ Rollback planning and execution

  • Troubleshoot failed patch deployments and ensure successful remediation.
  • Maintain enterprise patch compliance within defined SLAs.

### **Security Hardening**

  • Implement and maintain Windows security configurations aligned with:

+ CIS Benchmarks

+ Microsoft Security Baselines

* Perform security hardening activities including

+ Registry configuration

+ Windows services optimization

+ Local security policies

+ Protocol hardening

+ Authentication security improvements

### **Vulnerability Remediation**

Remediate security issues including

  • Missing Microsoft Security Updates
  • Unsupported or End\-of\-Life Software
  • TLS/SSL Weak Cipher and Protocol Issues
  • SMBv1 Removal and SMB Security Updates
  • NTLM Hardening
  • Remote Code Execution (RCE) Vulnerabilities
  • Privilege Escalation Vulnerabilities
  • Registry Misconfigurations
  • Windows Authentication Weaknesses
  • Configuration Drift

### **Automation \& Scripting**

* Develop PowerShell scripts to automate

+ Patch deployment

+ Vulnerability remediation

+ Compliance reporting

+ System validation

  • Leverage Tanium automation capabilities where applicable.
  • Continuously improve remediation efficiency through automation.

### **Reporting \& Compliance**

* Generate dashboards and reports for

+ Patch Compliance

+ Vulnerability Aging

+ SLA Adherence

+ Executive Security Metrics

+ Risk Reduction Trends

  • Track remediation progress and ensure adherence to security SLAs.
  • Support internal and external security audits.
  • Maintain remediation documentation and evidence for compliance requirements.

### **Incident \& Security Response**

  • Support cybersecurity incident response activities.
  • Participate in zero\-day vulnerability assessments and emergency remediation efforts.
  • Assist with vulnerability investigations and security assessments.
  • Collaborate with Security Operations during active incidents.

Required Technical Skills Operating Systems

  • Windows Server 2012, 2016, 2019, 2022
  • VMware ESXi

Microsoft Technologies

  • Active Directory
  • Group Policy (GPO)
  • DNS
  • DHCP
  • IIS
  • Failover Clustering
  • Hyper\-V
  • PowerShell

Vulnerability Management

  • Qualys
  • Tanium
  • Microsoft Defender Vulnerability Management (MDVM)

Patch Management

  • WSUS
  • Azure Update Manager
  • Microsoft Endpoint Configuration Manager (MECM/SCCM) *(preferred)*

Scripting \& Automation

  • PowerShell
  • Windows Automation
  • Tanium Automation *(preferred)*

Required Qualifications

  • 5–10\+ years of experience in Windows Infrastructure, Patch Management, or Vulnerability Remediation.
  • Hands\-on experience managing enterprise Windows Server environments.
  • Strong knowledge of Microsoft security updates, Windows internals, and vulnerability remediation practices.
  • Experience implementing CIS Benchmarks and Microsoft Security Baselines.
  • Solid understanding of enterprise vulnerability lifecycle management.
  • Experience working in ITIL\-based environments with change management processes.
  • *Skills**

Patch Management, SOC Operations, Windows

  • *About UST**

UST is a global digital transformation solutions provider. For more than 20 years, UST has worked side by side with the world’s best companies to make a real impact through transformation. Powered by technology, inspired by people and led by purpose, UST partners with their clients from design to operation. With deep domain expertise and a future\-proof philosophy, UST embeds innovation and agility into their clients’ organizations. With over 30,000 employees in 30 countries, UST builds for boundless impact—touching billions of lives in the process.

Similar Jobs

Browse all jobs

Job Overview

Job type
Full-time
Work mode
Remote
Location
Anywhere in India
Posted
1d ago
Source
Indeed