Accountable for enterprise governance, risk reduction, and lifecycle oversight of endpoint vulnerabilities and configuration compliance across physical and virtual environments.
Partner across engineering, operations, and security stakeholders to identify, prioritize, remediate, and prevent endpoint security exposures.
Drive risk-based remediation workflows aligned to business impact, exploitability, and fleet exposure.
Validate remediation efficacy and ensure vulnerability closure is auditable and reproducible.
Own Secure Baseline Configuration compliance outcomes for Windows 11 across physical devices and VDI.
Lead or co-lead root cause analysis for recurring endpoint issues and systemic remediation failures.
Leverage Microsoft Endpoint Configuration Manager (SCCM/MECM) to support remediation delivery at scale.
Create and maintain PowerShell automation to reduce manual effort, accelerate remediation, and improve consistency.
Use SQL and relational database concepts to support remediation tracking, compliance analytics, trend analysis, and operational reporting.
Produce clear, structured documentation suitable for audit and cross-team reuse.

Bachelor's degree and five years of experience in development or application support or an equivalent combination of education and work experience.
In-depth knowledge in information systems and ability to identify, apply, and implement best practices.
Understanding of key business processes and competitive strategies related to the IT function.
Ability to plan and manage projects.
Ability to solve complex problems by applying best practices.
Ability to provide direction and mentor less experienced teammates.
Ability to interpret and convey complex, difficult, or sensitive information.

Lead Vulnerability Remediation Engineer – Infrastructure Engineer

Key skills