Apply on Employer Site

codexIT · 2 months ago

Infrastructure & Security Operations Specialist

United States

Full-time

Remote

Mid Level

3+ years exp

codexIT is a company seeking a highly skilled Infrastructure Security Operations Engineer to join their cybersecurity and network operations team. This role involves monitoring and managing IT infrastructure, ensuring security through patch management, and responding to incidents in a 24/7 operational environment.

Health CareInformation Technology

Responsibilities

Monitor vendor security bulletins, update announcements, and vulnerability intelligence feeds (e.g., CVE databases, NVD) to identify applicable and critical patches

Conduct regular vulnerability scans of systems to assess current patch levels and identify missing updates

Analyze patch release notes and cybersecurity advisories to assess potential impact and prioritize updates based on vulnerability severity (CVSS scores), exploitability, and business criticality

Work with security and infrastructure teams to communicate risks and recommend appropriate security controls for vulnerabilities that cannot be immediately patched

Coordinate and perform patch testing in controlled staging environments to ensure compatibility and prevent conflicts before production deployment

Develop and implement rollback procedures in case of unexpected issues arising from patch deployment

Plan, schedule, and execute patch deployments during defined maintenance windows to minimize disruption to business operations

Utilize and manage patch management tools (e.g., Microsoft SCCM, WSUS, Ivanti, Ansible, or other enterprise solutions) to deploy updates at scale

Monitor patch deployment status in real-time, identify failed installations, and coordinate remediation activities

Troubleshoot patch-related issues, including installation failures and system reboots, in collaboration with system owners

Ensure all patching activities comply with internal security policies and external regulatory standards (e.g., PCI-DSS, HIPAA, SOC 2)

Maintain detailed documentation of patching procedures, schedules, test results, and exceptions for auditing purposes

Generate comprehensive reports and dashboards on patch compliance and system status for management and auditors

Monitor managed service alerts using advanced monitoring tools and dashboards to ensure optimal performance and availability

Perform root cause analysis for network outages and performance degradation, implementing corrective actions

Coordinate with vendors and internal teams to resolve connectivity issues and minimize service disruptions

Maintain comprehensive documentation, including network diagrams, configuration records, and standard operating procedures

Execute change management procedures for network modifications, ensuring minimal business impact

Respond to and escalate critical infrastructure alerts according to established incident response protocols

Monitor and manage firewalls, routers, switches, hosts and other infrastructure components

Monitor security information and event management (SIEM) systems for potential threats and suspicious activity

Analyze security alerts and investigate potential security incidents in real-time

Perform initial triage and classification of security events based on severity and potential impact

Document security incidents and maintain detailed incident reports for compliance and audit purposes

Assist in vulnerability assessment activities and coordinate remediation efforts

Support incident response procedures and containment efforts during security events

Stay current on emerging threats, attack vectors, and security frameworks (MITRE ATT&CK, Cyber Kill Chain)

Collaborate with SOC teams to ensure comprehensive security coverage

Stay informed on emerging security trends, vulnerabilities, and best practices in infrastructure security and patch management

Recommend and implement improvements to monitoring tools, security systems, and patch management processes

Leverage automation through scripting (PowerShell, Python, Bash) to increase operational efficiency

Participate in disaster recovery planning and business continuity exercises

Qualification

Network OperationsCybersecurity OperationsPatch ManagementVulnerability ManagementScripting PowerShellScripting PythonSIEM PlatformsNetwork Monitoring ToolsFirewallsSecurity AppliancesOperating Systems KnowledgeAnalytical SkillsCommunication SkillsCollaboration SkillsDocumentation Skills

Required

Bachelor's degree in Computer Science, Information Technology, Cybersecurity, Information Systems, or related field (or equivalent experience)

3+ years of experience in network operations, security operations, patch management, or related field

Proven experience managing patch deployment in complex enterprise environments

Strong understanding of network protocols (TCP/IP, DNS, DHCP, BGP, OSPF) and network architecture

Experience with network monitoring tools (SolarWinds, PRTG, Nagios, or similar)

Familiarity with SIEM platforms (Splunk, QRadar, LogRhythm, or similar)

Knowledge of firewalls, IDS/IPS, VPNs, and security appliances

Proficiency with patch management tools such as SCCM, WSUS, Ivanti, or similar platforms

Experience with vulnerability scanning tools (e.g., Nessus, Qualys, Rapid7)

Understanding of common attack vectors and security frameworks (MITRE ATT&CK, Kill Chain)

Strong knowledge of operating systems (Windows Server/client, Linux distributions, macOS) and application security hardening principles

Experience with scripting languages (PowerShell, Python, or Bash) for automation tasks

Excellent troubleshooting and analytical skills with attention to detail

Strong risk assessment and prioritization abilities

Strong written and verbal communication skills for technical and non-technical audiences

Ability to work in a 24/7 operational environment, including participation in on-call rotation

Excellent collaboration skills to coordinate with various stakeholders and technical teams

Strong documentation skills for maintaining operational procedures and incident reports

Preferred

Industry certifications such as: CCNA, CompTIA Network+, Security+, CEH, GCIH, CySA+, CISSP, Microsoft Certified: Windows Server, Azure, GCP, AWS, Relevant vendor certifications (SCCM, Ivanti)

Experience with cloud platforms (AWS, Azure, GCP) and cloud security

Advanced scripting skills for automation and workflow optimization

Knowledge of threat intelligence platforms and threat hunting techniques

Experience with ticketing systems (ServiceNow, Jira) and ITSM processes

Understanding of regulatory compliance requirements (PCI-DSS, HIPAA, SOC 2, NIST frameworks)

Experience with configuration management tools (Ansible, Puppet, Chef)

Knowledge of containerization and orchestration (Docker, Kubernetes)

Familiarity with DevSecOps practices and CI/CD pipelines