December 17, 2023 Position: Vulnerability Management Analyst Report to: Senior Manager, Operations Location: Remote About Us Carbon60 is 100% focused on helping companies securely manage their IT infrastructure in a cloud environment. We provide both private and public (AWS and Azure) solutions to companies across Canada, the US, and internationally. Consistently recognized by the industry and analysts for our growth (we were recently named on the list of Canada’s Fastest-Growing Companies for the sixth year in a row!), our leadership, and as an exceptional service provider in cloud solutions, we surprise our competitors and delight our customers with outstanding solutions that consistently deliver. We thrive in a fast-paced environment, where agility and innovation bring out the best in our people. Our solutions, caliber of talent and industry accolades prove it. Our Opportunity We are hiring a Vulnerability Management Analyst focused on vulnerability management and remediation for our customers via the timely rollout patches, ensuring 100% compliance, and driving and implementing automation efforts on both Windows and Linux environments. The successful candidate will join a technical support team dedicated to delivering mission-critical managed cloud solutions from multiple data centers to public and private enterprises in Canada and globally. Your focus includes, but not limited to: Acting as a primary Systems Administrator for our patch management infrastructure, maintaining current configurations and documentation, as well as recommending and implementing system enhancements that will improve its performance and reliability, including installing, upgrading, patching, monitoring, problem resolution, and configuration management Supporting multiple patching tools and client environments and ensuring necessary administration tasks are completed, such as creating and maintaining patching jobs, job scheduling and client notifications Analyzing, determining, and fulfilling patching requirements for each environment, including identifying critical vulnerabilities and patches from external sources and applications, and supporting the timely remediation of those vulnerabilities Supporting the development and maintenance of an end-to-end vulnerability management and remediation process, including reporting and escalation of critical vulnerabilities and risks, and assessing patching/remediation efforts to ensure they meet compliance requirements (PCI-DSS) and Carbon60 standards. Ongoing onboarding and deployment of new patches into existing jobs Execution of client patching windows, including coordination with Operations, Networking, Technical Account Managers, Project Managers and others as needed Facilitating out-of-band patching and Zero Day deployments Ongoing reporting of patch status as required for all recurring and non-recurring efforts Interact, meet, discuss, and troubleshoot patching related issues with vendors; evaluating vendor products, services, and suggestions Maintaining security audit and logging information on all patching activities and infrastructure Managing the implementation of multiple concurrent vulnerability management initiatives of varying complexity in a timely and efficient manner. Providing technical assistance and support for incoming queries and issues related to patching and the patch management infrastructure Able to communicate effectively at all levels of the organization, with internal or external customers, in written and oral format Adhere to strict ITIL and Information Systems Security guidelines What you bring: Associate or Bachelor degree and a minimum of 5 years of System Administration work experience Patch management and automation experience in a multi-client environment (MUST) Experience installing, configuring, and maintaining a distributed patch management infrastructure; experience with Ivanti and/or JetPatch an asset Demonstrated ability to solve complex technical problems Excellent written, verbal, and interpersonal skills Excellent troubleshooting skills Strong planning and organizational skills Strong interpersonal and communication skills are required as you will be working with clients and peers throughout the day ITIL certification and experience with Change and Release Management processes and principles an asset Must be able to provide after-hours support as required Must be able to pass an enhanced reliability check with Public Services and Procurement Canada. As an employer, Carbon60 recognizes the importance of balancing our careers with other aspects of our lives, and our culture reflects this ethos – from flexible work hours to health and wellness incentives and having fun along the way. We look for people who thrive in an environment of accountability and at times ambiguity as we adapt and grow our business. Carbon60 is an equal opportunity employer. We welcome and encourage applications from people with all levels of ability. Accommodations are available on request for candidates taking part in all aspects of the selection process. We thank all applicants for their interest in this exciting opportunity. Only candidates that meet the qualifications will be contacted for an interview.