What You'll Do: A Network Security Analyst I will patch and complete vulnerability remediation as they are essential to protect systems, reduce organizational risk, maintain compliance, and ensure reliable operations. this asset will provide vulnerability management and compliance to the TxDOT cloud environment. The Cloud Vulnerability Remediation Engineer is responsible for identifying, assessing, and remediating security vulnerabilities in cloud environments to reduce enterprise risk and maintain compliance with established security policies.
This role focuses on vulnerability remediation activities across cloud infrastructure and platform services, coordinating patching, configuration changes, and compensating controls in alignment with approved vulnerability management and change management processes. The role works closely with Cloud Operations, Security, Application, and Risk teams to ensure vulnerabilities are remediated within required timelines and that cloud workloads remain secure, stable, and compliant.
Key Responsibilities:
Review and analyze vulnerability findings affecting cloud hosted resources identified through approved scanning and security tools.
Assess vulnerability applicability and risk impact for cloud infrastructure, platform services, and supporting components.
Plan and execute remediation actions, including patching, configuration changes, and security hardening, in accordance with established remediation timelines.
Validate remediation results and confirm successful closure of assigned vulnerability tasks.
Perform cloud-based patching and update activities for supported workloads using approved processes.
Implement cloud security configuration changes required to reduce exposure where vendor patches are unavailable.
Create, update, and maintain remediation tasks and change records in the system of record to support audit and compliance requirements.
Ensure remediation activities follow established change management, approval, and validation processes.
Provide remediation status updates and evidence for security reporting, audits, and leadership reviews.
Support remediation efforts that require temporary mitigations or compensating controls when permanent fixes are not immediately available
Partner with Security, Cloud Architecture, and Application teams to resolve complex or cross platform vulnerabilities.
Identify recurring issues, remediation blockers, or process gaps and recommend improvements.
Support enterprise efforts to reduce technical debt and improve cloud security posture over time.
Minimum Qualifications (Required)
Candidates must meet all minimum requirements to be considered competitive.
3+ years of professional IT experience with hands-on exposure to cloud infrastructure, system administration, or vulnerability remediation
3+ years supporting cloud-hosted systems in at least one enterprise cloud environment (Azure, AWS, or GCP)
3+ years understanding of vulnerability remediation concepts, including:
Patching
Configuration hardening
Compensating controls
3+ years of experience working with IT service management (ITSM) and change management processes
Strong analytical, documentation, and reporting skills
Ability to follow defined security procedures, remediation workflows, and compliance guidelines
Effective communication and collaboration skills to work across security, cloud, and operations teams
Preferred Qualifications (Good to Have)
1+ year exposure to enterprise vulnerability management programs, remediation SLAs, and risk-based prioritization
1+ year knowledge of cloud security posture management (CSPM), security baselines, or risk reporting
Relevant cloud or security certifications, such as:
Azure Fundamentals / Azure Security
AWS Cloud Practitioner / Security Specialty
CompTIA Security+
Any cloud governance or security-focused certification
