Country/Region:  US
Requisition ID:  37291
Work Model:  Remote
Position Type:  Permanent
Salary Range: 
Location:  US - ALPHARETTA-GA-USA

Title:  Technical Lead-Cloud & Infra Engg

Description: 

Long Description

Linux Vulnerability Remediation Engineer (Server Infrastructure – RHEL 7/8/9/10)

Remote

Fulltime

 


Key Responsibilities

Vulnerability Remediation & Patch Management

  • Own and execute end-to-end remediation for vulnerabilities identified on Linux servers (RHEL 7/8/9), including OS/package patching and configuration hardening.
  • Fast-track and manage all Meridian-related remediation requirements as they are received, ensuring adherence to defined SLAs and audit expectations.
  • Triage vulnerability findings (primarily from Qualys) and translate them into actionable remediation plans, considering exploitability, criticality, asset tiering, and operational risk.
  • Coordinate remediation activities for:
    • Kernel and package updates (YUM/DNF), security errata, and required reboots where applicable.
    • CIS/STIG-aligned configuration changes (as applicable in the environment).
    • Mitigations/compensating controls when immediate patching is not feasible (documented and approved per process).

Automation, Configuration Management & Engineering

  • Develop, enhance, and maintain remediation automation using:
    • Chef (cookbooks/recipes, attributes, templates, policy files as applicable)
    • Ansible (playbooks, roles, inventories, modules)
    • Shell scripting (Bash) and Ruby for server-side automation and custom remediation logic
  • Convert recurring manual remediation steps into repeatable automated solutions and standardized runbooks.
  • Ensure code follows internal engineering standards: version control, peer review, testing, documentation, and change management.

Validation, Closure & Reporting

  • Validate remediation effectiveness by re-scanning and verifying closure in Qualys (and/or approved internal validation methods).
  • Confirm fixes did not introduce regressions; coordinate with application and platform teams for post-change verification.
  • Maintain accurate documentation of remediation actions, approvals, exceptions, and closure evidence to support audit and compliance needs.
  • Provide progress updates, metrics, and risk status to stakeholders (e.g., open critical/high items, aging items, SLA adherence).

Cross-Team Coordination & Operational Execution

  • Schedule and lead remediation calls with infrastructure support teams, application owners, and other stakeholders to drive timely execution.
  • Work within change management processes: create/execute change plans, develop rollback steps, and coordinate maintenance windows.
  • Partner with platform engineering to improve standard server baselines and prevent vulnerability recurrence.

Vendor & Release Coordination (as needed)

  • Follow up with vendors (e.g., Red Hat or software providers) for patch availability, release schedules, and remediation guidance when vulnerabilities require vendor action.
  • Track advisories (RHSA/RHBA) and coordinate planned rollout timelines where applicable.

Area(s) of responsibility

Required Qualifications

  • 6-10 years of Strong hands-on experience with RHEL 7/8/9/10 in enterprise environments.
  • Proven experience driving vulnerability remediation and patch management for Linux servers.
  • Expertise with Qualys (or equivalent vulnerability scanners) including interpreting findings, false-positive validation, and closure verification.
  • Automation experience with Chef and/or Ansible in production.
  • Strong scripting skills: Bash, plus working proficiency in Ruby (or ability to maintain/extend existing Ruby codebases).
  • Understanding of Linux security fundamentals (permissions, services, SSH hardening, package management, kernel considerations).
  • Experience working with change management, incident/problem management, and coordinating across multiple support teams.

Preferred Qualifications

  • Familiarity with compliance/security frameworks (e.g., CIS benchmarks, STIG concepts) as applied to Linux servers.
  • Experience with CI/CD or automated testing for infrastructure code (linting, unit/integration testing where applicable).
  • Experience operating in large-scale environments (hundreds/thousands of servers) with tiered production controls.
  • Working knowledge of container host hardening and server-side runtime dependencies (if applicable to the server fleet).

Key Skills & Competencies

  • Remediation prioritization and risk-based decision making
  • Strong troubleshooting and root-cause analysis (package conflicts, dependency issues, service impacts)
  • Clear communication and ability to drive closure across stakeholders
  • Documentation discipline and audit readiness mindset
  • Ability to deliver under tight timelines while maintaining system stability

Deliverables / Success Measures

  • Reduction in open Patch NOW/Critical/High vulnerabilities and improved SLA compliance.
  • Consistent, repeatable remediation through Chef/Ansible automation.
  • Verified closures in Qualys with clear evidence and minimal re-open rates.
  • Improved remediation cycle time for Meridian requirements and other prioritized findings.
  • Fewer recurring vulnerability patterns through baseline improvements and preventive controls.