Offer summary

Qualifications:

Relevant certifications such as CISSP, CISM, or CEH are preferred., Minimum of 5 years of experience in vulnerability management, focusing on Windows servers., Strong background in Active Directory/Azure AD and scripting languages like PowerShell., Proficiency in vulnerability assessment tools and Windows server administration..

Key responsabilities:

Conduct regular vulnerability assessments on Windows servers and corporate applications.

Develop and implement remediation plans for identified vulnerabilities.

Collaborate with IT teams to address security incidents and ensure compliance with industry standards.

Generate detailed reports on vulnerability status and remediation efforts for management review.

Job description

CoreFactor is searching for a Vulnerability Remediation Specialist on a contract basis for a client in the GTA.
This position can be situated out of any city within Canada.

The Opportunity:
  The Vulnerability Remediation Specialist, specializing in Windows Sever OS security, is responsible for identifying, assessing, and mitigating security vulnerabilities identified within the organization.
  This role involves conducting thorough vulnerability assessments, Risk Analysis, Impact Analysis and developing remediation strategies, and collaborating with the necessary teams to remediate the security of server operating systems as well as applications.
  The ideal candidate must be an experienced Windows server. Azure and AD security professional, possess strong communication and collaboration skills, and can effectively lead and. manage a demanding workload in our environment.

Responsibilities:

Vulnerability Assessment:
Collaborate with the Security team to conduct regular vulnerability assessments on Windows servers and corporate applications, identifying potential security risks

Remediation Planning:
Develop and implement remediation plans to address identified vulnerabilities, ensuring timely resolution.

Vulnerability Remediation:
Harden operating systems and applications by implementing security standards such as CIS, PCI, and NIST.
Work with the Patching team to manage and deploy security patches and updates for Windows servers and corporate applications.

Plan and implement fixes for non-patchable vulnerabilities.

Harden and remediate vulnerabilities in Active Directory, Azure AD, ADFS, and AD Sync.

System Management:

Manage and troubleshoot Windows Server systems, Active Directory, domain group policies, DNS, PKI, and SCCM.
Incident Response:

Collaborate with IT teams to address security incidents and implement corrective actions.
Compliance:

Ensure compliance with industry standards and regulatory requirements related to vulnerability management.
Reporting:

Generate detailed reports on vulnerability status, remediation efforts, and compliance metrics for management review.
Collaboration:

Work closely with IT teams, developers, and other stakeholders to ensure effective vulnerability management practices.

Requirements

Certifications: Relevant certifications such as CISSP, CISM, or CEH are preferred.
Practical Skills:
Hands-On experience in developing and implementing secure OS hardening processes and ensuring compliance with security standards (CIS, NIST, PCI).
Minimum of 5 years of experience in vulnerability management, with a focus on Windows servers.
Strong background and hands-on experience with Active Directory/Azure AD, Exchange (On-Prem/Hybrid), Office 365, and related services.
Hands-on experience and deep knowledge in scripting languages such as PowerShell, batch, and Azure CLI.
Technical Skills: Proficiency in vulnerability assessment tools (e.g., Nessus, Qualys), patch management systems (SCCM), and Windows server administration.
Analytical Skills: Strong analytical and problem-solving skills to identify and mitigate security risks.
Communication: Excellent communication skills to effectively convey technical information to non-technical stakeholders.
Self-Management: Ability to prioritize and manage multiple tasks in a fast-paced environment.