Job Description
Key Responsibilities:
- Vulnerability Scanning & Analysis: Perform regular vulnerability assessments using Rapid7 InsightVM and other industry-standard tools like Tenable Nessus, Qualys, and Microsoft Defender for Endpoint. Identify security weaknesses and analyze their potential impact.
- Risk Assessment & Prioritization: Work with IT and security teams to evaluate vulnerabilities, assess risk levels, and prioritize remediation efforts based on exploitability, business impact, and compliance requirements.
- Patch Management & Remediation: Leverage SCCM/MECM and Intune to deploy security patches and updates across Windows environments, ensuring timely mitigation of vulnerabilities. Validate patch effectiveness and troubleshoot deployment issues.
- Configuration Compliance & Hardening: Conduct security baseline assessments and recommend Windows system hardening measures based on industry best practices (CIS, NIST, ISO 27001).
- Automated Remediation & Scripting: Develop PowerShell scripts and automation workflows to streamline vulnerability remediation, compliance reporting, and security configuration enforcement.
- Threat Monitoring & Incident Response Support: Stay informed about zero-day vulnerabilities, exploit techniques, and emerging threats. Provide support during security incidents by analyzing exploited vulnerabilities and assisting in containment and mitigation efforts.
- Reporting & Documentation: Generate detailed vulnerability reports, risk assessments, and remediation progress updates for stakeholders. Maintain documentation on vulnerability management procedures and patching schedules.
- Collaboration & Continuous Improvement: Work closely with IT operations, security, and development teams to integrate vulnerability management processes into the software development lifecycle (SDLC) and IT change management. Suggest enhancements to security policies and procedures.
- Compliance & Governance: Ensure adherence to security frameworks and regulatory standards, including NIST, CIS, GDPR, and ISO 27001. Assist in audits and compliance reporting related to security vulnerabilities.
Required Skills & Experience:
- 3-7 years of experience in vulnerability management, endpoint security, or IT security operations.
- Strong expertise in Rapid7 InsightVM (Nexpose) for vulnerability scanning, assessment, and reporting.
- Hands-on experience with Microsoft SCCM/MECM and Intune for Windows patch management and endpoint security.
- Familiarity with additional vulnerability management tools such as Tenable Nessus, Qualys, CrowdStrike, or Microsoft Defender for Endpoint (MDE).
- Proficiency in PowerShell scripting for automation and remediation of vulnerabilities.
- Deep understanding of Windows security hardening, Group Policy configurations, and endpoint protection best practices.
- Experience with Active Directory, network security fundamentals, and endpoint compliance.
- Strong analytical and problem-solving skills, with the ability to prioritize security risks effectively and communicate remediation plans to stakeholders.
- Ability to stay updated with security trends, advisories, and best practices related to vulnerability management.
This role requires someone who is proactive, detail-oriented, and passionate about securing IT infrastructure against vulnerabilities. The Vulnerability Management Engineer will be an essential part of the Software Deployment team, ensuring a robust and resilient security posture.
Recruitment fraud is a scheme in which fictitious job opportunities are offered to job seekers, typically through online services such as false websites, or through unsolicited emails claiming to be from the company. These emails may request that recipients provide personal information or make payments as part of an illegitimate recruiting process. DXC does not make offers of employment via social media networks, and DXC never asks for any money or payments from applicants at any point in the recruitment process, nor asks a job seeker to purchase IT or other equipment on its behalf. More information on employment scams is available here.