RiseMe
LoginSign Up
Bizoforce - The Innovation Platform Accelerating Digital Solutions for Enterprises logo
Bizoforce - The Innovation Platform Accelerating Digital Solutions for Enterprises Verified
Information Technology & Services

Endpoint Security Engineer – SCCM & Vulnerability Management

North Carolina, United StatesOnsiteContractPosted 2 months agoVisa sponsorship available

Is this role right for you?

Upload your resume and get a skill-by-skill breakdown — see exactly where you match, where you're close, and what to highlight. Not a mystery percentage.

Get a tailored resume highlighting what this role needs.

Role summary

We are seeking an Endpoint Security Engineer with expertise in vulnerability remediation, patch deployment, and endpoint hardening for enterprise environments. The role involves utilizing Microsoft System Center Configuration Manager (SCCM) and related tools to ensure stable, compliant endpoints with measurable reporting. Key responsibilities include analyzing Qualys vulnerability findings, managing patch deployments through SCCM, implementing hardening standards, troubleshooting issues, and generating compliance metrics. This position requires a minimum of three years of direct experience with SCCM in a production enterprise setting and hands-on experience with Qualys for remediation validation.

We are hiring a Systems Engineer with hands-on vulnerability remediation, patch deployment, and endpoint hardening for enterprise endpoints. Uses Microsoft System Center Configuration Manager, also known as Microsoft Endpoint Configuration Manager, and related endpoint tooling to deliver stable, compliant outcomes with measurable reporting.

ESSENTIAL FUNCTIONS:

  • Review Qualys Vulnerability Management findings for endpoints and translate into actionable remediation work, including prioritization, patch selection, and closure validation through rescans.
  • Define, test, package, and deploy operating system and application patches in SCCM controlled deployment rings and maintenance schedules.
  • Create new Software Update Groups (SUGs) each month for workstations and servers, segregated by OS and environment if needed (e.g., prod, dev, test).
  • Schedule and configure deployments for new SUGs, defining appropriate maintenance windows, user notifications, and reboot behavior.
  • Implement endpoint hardening standards including security baselines, policy configurations, encryption posture support, and reduction of risky endpoint configurations.
  • Troubleshoot patch failures and post-change endpoint issues; coordinate with Service Desk and Field Services for remediation and device recovery.
  • Produce and maintain metrics for patch compliance, vulnerability aging, remediation success rates, and repeat findings; support service level agreement reporting.
  • Maintain documentation and knowledge articles for repeatable endpoint remediation processes.

REQUIRED QUALIFICATIONS:

  • Three or more years of direct, hands-on endpoint patching experience using Microsoft System Center Configuration Manager or Microsoft Endpoint Configuration Manager in a production enterprise.
  • Demonstrated experience executing patch testing, staged rollouts, deployment troubleshooting, and compliance verification.
  • Hands-on experience using Qualys Vulnerability Management reporting for remediation validation and closure.

PREFERRED QUALIFICATIONS:

  • Hospital information technology experience strongly preferred; broader healthcare experience preferred.
  • Certifications highly desirable: Microsoft endpoint certifications, CompTIA Security+, or equivalent.

WORK SCHEDULE EXPECTATIONS:

  • Participation in scheduled maintenance windows as required.

EDUCATION:

  • Associate degree or equivalent combination of education and experience.
Ready to apply?
You'll be redirected to Bizoforce - The Innovation Platform Accelerating Digital Solutions for Enterprises's application page.