Vulnerability Systems Engineer

About us:

Creative Information Technology Inc (CITI) is an esteemed IT enterprise renowned for its exceptional customer service and innovation. We serve both government and commercial sectors, offering a range of solutions such as Healthcare IT, Human Services, Identity Credentialing, Cloud Computing, and Big Data Analytics. With clients in the US and abroad, we hold key contract vehicles including GSA IT Schedule 70, NIH CIO-SP3, GSA Alliant, and DHS-Eagle II.

Join us in driving growth and seizing new business opportunities!

Position Description:

Vulnerability SE I:

This role performs the function of a system engineer level I that will support the city’s cybersecurity, end user computing and core engineering teams. This role will directly work with the city’s cybersecurity team to review, prioritize and remediate identified vulnerabilities related to Microsoft Windows, Microsoft Office and related ancillary software. The SE I role will primarily be responsible for working with the vulnerability management system to identify specific vulnerabilities to be remediated, research the correct remediation configuration and develop or update dashboards within the vulnerability management system to track remediation. The position may also assist a system engineer level II and the cybersecurity team in developing, deploying and validating specific deployment scripts, automations and/or installer packages to remediate specific vulnerabilities.

Job Responsibilities and Required Skills:

• Work with the City’s vulnerability management system to identify, review and track vulnerabilities and associated remediations.
• Research and identify specific configurations to remediate identified vulnerabilities.
• Work with the System Engineer II to develop automations, scripts, deployment packages and/or customized installers to remediate vulnerabilities.
• Perform other job duties requiring skills, knowledge and physical requirements as demanded by those duties described or less. Individual assignments will be determined by the supervisor based on then current workloads and department needs.
• Knowledge of principles of cybersecurity best practices and concepts.
• Familiar with database, network, virtualization and OT operations, concepts, and design.
• Experience with evaluating vulnerability and threat information to assess, measure, and prioritize mitigations based on risk.
• Experience working with client management platforms e.g. Microsoft Endpoint Configuration Manager (MECM), Microsoft Intune, PatchMyPC, Workspace One, etc.
• Knowledge of PowerShell, VBScript, and/or batch scripting.  
• Knowledge of security architecture and security best practices for AWS, Azure, Google Cloud, and/or other public platforms. 

Required Skills:

·        Requires a Bachelor’s Degree in an Information Technology related field plus two (2) years of professional IT experience; OR any combination of education (above the high school level) and/or professional progressive IT experience equivalent to six (6) years in fields utilizing the knowledge, skills and abilities in technology systems, systems 3 functions and systems capabilities; and associated with such positions as Systems Engineer, Network Engineer, Database Administrator or Programmer Analyst.

·        May be required to have a current and valid driver’s license

Vulnerability SE II: 

This role performs the function of a system engineer level II that will support the city’s cybersecurity, end user computing and core engineering teams. This role will directly work with the city’s cybersecurity team to review, prioritize and remediate identified vulnerabilities related to Microsoft Windows, Microsoft Office and related ancillary software. The SE II role will primarily be responsible for working with the vulnerability management system  and system engineer I to remediate identified vulnerabilities, develop deployment objects, deploy remediations and correct any existing vulnerability deployment objects. The role will work with the city’s cybersecurity team to develop communications and follow city requirements with regards to change management.

Job Responsibilities and Required Skills:

·        Work with the City’s vulnerability management system to identify, review and track vulnerabilities and associated remediations.

·        Develop Active Directory group policies, automations, scripts, deployment packages and/or customized installers to remediate vulnerabilities. 

·        Assist in the identification and research of remediation configurations for identified vulnerabilities. 

·        Perform other job duties requiring skills, knowledge and physical requirements as demanded by those duties described or less. Individual assignments will be determined by the supervisor based on then current workloads and department needs.

·        Knowledge of principles of cybersecurity best practices and concepts.

·        Experience with database, network, virtualization and OT operations, concepts, and design.

·        Experience with evaluating vulnerability and threat information to assess, measure, and prioritize mitigations based on risk.

·        Experience with client management platforms i.e. Microsoft Endpoint Configuration Manager (MECM), Microsoft Intune, PatchMyPC, Workspace One, etc.

·        Experience with PowerShell, VBScript, and/batch scripting.

·        Experience working with Microsoft Active Directory and Active Directory Group Policies

·        Experience working with Microsoft Entra.

·        Experience with security architecture and security best practices for AWS, Azure, Google Cloud and/or other public cloud platforms.

Required Skills:

·        Requires a Bachelor’s Degree in an Information Technology related field plus four (4) years of professional IT experience; OR any combination of education (above the high school level) and/or professional progressive IT experience equivalent to eight (8) years in fields utilizing the knowledge, skills, and abilities in technology systems, systems 3 functions, and systems capabilities; and associated with such positions as Systems Engineer, Network Engineer, Database Administrator, or Programmer Analyst.

·        May be required to have a current and valid driver’s license.