Title: Technical Lead-Cloud & Infra Engg
Competencies
Area(s) of responsibility
Windows Vulnerability Remediation Engineer (Server Infrastructure – Windows Server 2016/2019/2022)
The Windows Vulnerability Remediation Engineer is responsible for accelerating vulnerability remediation and patching activities across server infrastructure.
o Chef (cookbooks/recipes, attributes, templates, policy files as applicable)
o Ansible (playbooks, roles, inventories, modules—Windows modules/WinRM-based execution as applicable)
o PowerShell and scripting (server-side automation and custom remediation logic)
o Ruby for maintaining/extending Chef-based remediation code and custom logic
________________________________________
Scope (In-Scope / Out-of-Scope)
In-Scope
• Server infrastructure running Windows Server 2016, 2019, 2022
• End-user computing (desktops/laptops)
• Network/security appliances, storage appliances, or specialized non-server devices
________________________________________
Required Qualifications
• 6–10 years of strong hands-on experience with Windows Server 2016/2019/2022 in enterprise environments.
• Proven experience driving vulnerability remediation and patch management for Windows servers.
• Expertise with Qualys (or equivalent vulnerability scanners) including interpreting findings, false-positive validation, and closure verification.
• Automation experience with Chef and/or Ansible in production Windows server environments.
• Strong scripting skills (PowerShell; plus ability to use/maintain shell scripting where applicable in the environment).
• Working proficiency in Ruby (or ability to maintain/extend existing Ruby codebases used for Chef remediation).
• Strong understanding of Windows security fundamentals (patching, services, permissions, registry, authentication, TLS/cipher considerations as applicable).
• Experience working with change management, incident/problem management, and coordinating across multiple support teams.
________________________________________
Preferred Qualifications
• Familiarity with compliance/security frameworks and server hardening concepts (e.g., Microsoft Security Baselines, CIS benchmarks, STIG concepts) as applied to Windows Server.
• Experience with CI/CD or automated testing for infrastructure code (linting, unit/integration testing where applicable).
________________________________________