Job Title: Vulnerability Engineer
Location – Remote
FTE Only
Job Description
Must Have Technical/Functional Skills
Familiarity with Vulnerability scanning platforms and a good understanding of network fundamentals, firewalls, authentication, and encryption.
Understanding of CVEs, CVSS scoring, zero day vulnerabilities, and threat exposure.
Strong hands-on experience with Windows Server and Linux Server administrations.
Roles & Responsibilities
• Responsible for identifying, analyzing, prioritizing, and remediating security vulnerabilities across Windows and Linux server environments.
• Strong hands-on experience with Windows Server and Linux Server administrations.
• Familiarity with Vulnerability scanning platforms and a good understanding of network fundamentals, firewalls, authentication, and encryption.
• Supports the organization’s security posture by ensuring timely identification, analysis, and remediation of vulnerabilities across middleware platforms.
• Collaborates with the ITVM team to review weekly/biweekly scan reports, validate findings, and translate them into actionable remediation tasks.
• Understanding of CVEs, CVSS scoring, zero day vulnerabilities, and threat exposure.
• Knowledge of security best practices and familiarity with remediation of misconfigurations, outdated libraries, and insecure protocols
• Prepares detailed remediation plans including impact assessments, risk evaluations, timelines, and required resource coordination.
• Executes configuration level hardening and applies vendor fix packs on middleware technologies such as JBoss, Tomcat, IBM IHS, and WebSphere.
• Ensures all remediation activities follow structured change management processes, maintaining system stability and preventing service disruptions.
• Coordinates with cross functional teams including application, infrastructure, and security teams to ensure smooth implementation and validation.
• Maintains comprehensive documentation for all remediation activities, configurations, approvals, and compliance requirements.
• Monitors and prioritizes high severity vulnerabilities to meet organizational security SLAs and regulatory expectations.
• Manages and maintains clear communication across Email DLs, Teams channels and ITSM platforms (ServiceNow) to streamline collaboration and track vulnerability closure.
• Utilizes vendor support IDs to download patches, engage vendor support, and resolve complex middleware remediation issues.
• Experience with scripting (PowerShell, Bash, Python optional).
• Contributes to continuous improvement of vulnerability management processes through analysis, feedback, and proactive security hardening.