Vulnerability Remediation Technician REMOTE
  • South Africa
  • Cyberlogic
31.12.2023
Protect and Defend
Vulnerability Assessment and Management
Job Description

JOB TITLE:

Vulnerability Remediation Technician


LOCATION:

Remote


ABOUT CYBERLOGIC:

Cyberlogic is a trusted Managed Solutions Provider focusing on optimising cloud infrastructure and cyber security. Our just cause is to enable digital transformation through delivering unquestionable value.


Our core capabilities are in IT leadership, security and cloud. We have over 27 years of experience in infrastructure and support services, adhere to ITIL best practices and hold a breadth of knowledge across various technologies and industries.


We believe our people are essential to our continued success and support career growth through our Go4Growth model which is aimed at encouraging our people to continuously contribute, learn, evolve and succeed.


OUR VALUES:

We challenge ourselves to be more AWESOME
We are driven to KEEP learning and EVOLVING
We look beyond symptoms to identify and RESOLVE ROOT CAUSES
We hold each other accountable through CANDID and constructive FEEDBACK
We respect and care for each other and know we will only SUCCEED if we work AS A TEAM
We CARE deeply ABOUT the success of CYBERLOGIC
We FINISH WHAT WE START
We always GIVE OUR BEST even if it means putting in the hard yards
We KEEP THINGS SIMPLE


PURPOSE OF POSITION:

The Vulnerability Remediation Technician will be tasked with remediating vulnerabilities on clients’ systems. This includes vulnerability remediation planning, patching and manual remediation actions. They will be required to analyse and assess the impact of remediation on various systems and environments. A member in this role will need to have the ability to take ownership of items, lead the support of their items, apply expertise and knowledge, conduct deep analysis, and write/present reports.


KEY PERFORMANCE AREAS

Understanding the impact of vulnerability remediation actions.
Coordination of patch schedules.
Developing remediation plans.
Create remediation scripts.
Test remediation actions.
Analyse Vulnerability Metrics.
Action remediation plans.


RESPONSIBILITIES

Researching the vulnerability, the affected system and remediation actions to understand the impact of the vulnerability and its fix.
Coordinate client patch schedules for their workstations and servers, ensuring that patches for servers take place in line with backup schedules, which are managed by different teams.
Create and document remediation plans and action steps which can be handed over to various entities to remediate vulnerabilities.
Create scripts which can be deployed to remediate vulnerabilities via Command Prompt, Terminal, or PowerShell.
Conduct testing of high risk or unfamiliar remediation actions in a test environment.
Analyse vulnerability data and metrics in order to understand the client’s vulnerability landscape as well as to plan and execute vulnerability remediation efforts.
Practically implementing vulnerability remediation plans on client devices.


QUALIFICATIONS AND EXPERIENCE

3+ years working in-depth with IT systems, processes, and capabilities.
Has a fundamental understanding of security principles.
Has experience and is knowledgeable about Vulnerability Management.
Has hands-on experience with patch management.
Experience with using remote management software.
Has scripting experience.
Can communicate technical items to a non-technical audience.
CompTIA Security+ certification is required as a minimum.
Qualys Certified Specialists certifications are desired.
MCP, MCITP or relevant Microsoft certification is required.
Professional Microsoft Windows understanding surrounding fundamental functions, the registry, and security related considerations is required.
Professional Linux understanding surrounding installs, upgrades, updates, and security related considerations is desired.
You may be required to travel to clients or our other offices. Own vehicle and a valid driver’s license are required.


Should you work from home, it is your responsibility to ensure that you have uninterrupted internet connectivity and a ‘work-like’ environment at your home location to deliver your best in terms of performance and productivity.



Required Knowledge
  • K0004   Knowledge of cybersecurity and privacy principles.
  • K0005   Knowledge of cyber threats and vulnerabilities.
  • K0006   Knowledge of specific operational impacts of cybersecurity lapses.
  • K0021   Knowledge of data backup and recovery.
  • K0033   Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
  • K0061   Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
  • K0070   Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
  • K0161   Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
  • K0162   Knowledge of cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
  • K0167   Knowledge of system administration, network, and operating system hardening techniques.
  • K0203   Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
  • K0206   Knowledge of ethical hacking principles and techniques.
  • K0308   Knowledge of cryptology.
  • K0332   Knowledge of network protocols such as TCP/IP, Dynamic Host Configuration, Domain Name System (DNS), and directory services.
  • K0344   Knowledge of an organization’s threat environment.
  • K0624   Knowledge of Application Security Risks (e.g. Open Web Application Security Project Top 10 list).

Required Skills
  • S0171   Skill in performing impact/risk assessments.
  • S0367   Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Required Abilities
  • A0001  Ability to identify systemic security issues based on the analysis of vulnerability and configuration data.
  • A0123  Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).