Remediation Engineer – Security & Vulnerability Management

Summary: The role of Remediation Engineer – Security & Vulnerability Management involves supporting vulnerability management and threat remediation efforts within an organization. The successful candidate will analyze security vulnerabilities, coordinate with cross-functional teams, and implement effective remediation strategies across various environments, including on-premise and cloud platforms. This position requires a strong technical background in security and vulnerability management tools, as well as experience in cloud security practices. The role is based in Middlesex, requiring 3-4 days onsite work per week.

Key Responsibilities:

• Lead the identification, assessment, and remediation of vulnerabilities across all operating systems (Windows, Linux, macOS) and platforms (on-premise and cloud).
• Analyze vulnerability scan results from tools such as Qualys, Nessus and cloud native tools.
• Collaborate with system, application, and infrastructure teams to prioritize and remediate vulnerabilities across on-premise and cloud environments.
• Prioritize vulnerabilities based on risk, asset criticality, and threat intelligence, ensuring timely resolution.
• Perform or coordinate OS and application patching using tools such as SCCM, Ansible, Tanium, or Satellite.
• Contribute to remediation playbooks, SOPs, and security incident response plans.
• Manage and support secure configurations, patching, and vulnerability remediation across AWS and Azure environments.
• Remediate security misconfigurations or threats in AWS, Azure, and/or GCP using cloud-native security tools (e.g., AWS Inspector, Azure Security Center).
• Collaborate with IT, DevOps, and application teams to track and verify remediation efforts.
• Maintain and enhance tools and processes for vulnerability tracking, reporting, and dashboard metrics.
• Develop and deliver regular status updates, risk reports, and executive summaries to stakeholders.
• Create automation scripts (PowerShell, Bash, Python) to assist in large-scale remediation efforts.
• Support integration of remediation workflows into CI/CD pipelines.
• Serve as the primary point of contact for security remediation coordination, driving accountability across teams.
• Continuously improve the vulnerability management program through automation, documentation, and adoption of best practices.
• Stay updated on emerging vulnerabilities, CVEs, and remediation techniques.

Key Skills:

• Strong knowledge of vulnerability management tools (e.g., AWS Inspector, Azure Security Center, Qualys, or similar).
• Solid understanding of operating systems (Windows, Linux).
• Hands-on experience with AWS and Azure cloud security practices.
• Familiarity with patch management, endpoint protection, and configuration management tools.
• In-Depth Knowledge Of: Windows Server, Linux distributions (Ubuntu, RHEL/CentOS).
• Network and endpoint security principles.
• Patch management and vulnerability lifecycle.
• Vulnerability scanning and management tools (e.g., Tenable, Qualys, Rapid7).
• Scripting and automation (PowerShell, Bash, Python).
• Ticketing and ITSM tools (e.g., Jira, ServiceNow, Remedy).
• Security compliance standards (e.g., NIST, PCI-DSS, ISO 27001, CIS Benchmarks).

Salary (Rate): £400/day

City: Hayes

Country: United Kingdom

Working Arrangements: on-site

IR35 Status: undetermined

Seniority Level: undetermined

Industry: IT