Vulnerability Remediation Engineer - 60019509

Full Job Description

The Department of Administration's (Admin) Office of Technology and Information Services (OTIS) is the state’s central provider of IT services to state government agencies.

We are seeking a talented Vulnerability Remediation Engineer to join our team.

This role is an integral part of our Vulnerability Remediation/ Service Monitoring team comprised of a group of highly skilled engineers.

This position will assist the Division of Technology Operations (DTO) Shared Services team in strengthening the security posture of enterprise systems through vulnerability identification, risk analysis, and remediation coordination.

You will administer and support vulnerability management activities in alignment with statewide security standards established by the Division of Information Security (DIS).

You will work alongside our Shared Services operational teams supporting state agencies in assessing, prioritizing, and resolving vulnerabilities while minimizing operational impact.

This position plays a critical role for improving the organization’s security posture and ensuring compliance.

If you thrive on ensuring security infrastructure and are looking to make an impact within a complex environment, this position is for you!

This position is onsite in Columbia, South Carolina.

• Partner with DTO Shared Services operational teams to strengthen the security posture of enterprise systems by supporting implementation of statewide vulnerability and configuration management practices established by DIS.

Conduct ongoing analyses of vulnerability scan results using the statewide vulnerability management platform and related security tools.

Validate findings, interpret risk severity, and coordinate remediation activities with system owners and technical teams to ensure timely resolution across the shared services environment.

• Support security assessments, regulatory reviews, and statewide compliance initiatives impacting Shared Services.
• Collaborate with DIS staff and agency partners to develop, document, and track Plans of Action & Milestones (POA&Ms), ensuring remediation efforts are measurable and aligned with security governance requirements.
• Develop and maintain documentation, reporting metrics, and status updates demonstrating remediation progress and compliance alignment.
• Recommend process improvements that enhance the consistency and effectiveness of vulnerability management activities across the enterprise.
• Serve as a technical resource and representative of the agency on committees, project teams, and cross-functional initiatives as assigned. Provide subject matter expertise on vulnerability management practices and assist in resolving security-related issues affecting supported agencies.

Requirements

• A bachelor's degree in information technology systems, computer science, or a related field and experience in the information technology field to include experience in a security-focused role. Relevant experience may be substituted for the bachelor's degree on a year-for-year basis.

• Experience operating vulnerability management tools, including scan configuration, result analysis, and remediation validation.
• Working knowledge of Windows and/or Linux operating systems and associated security controls within enterprise environments.
• Understanding of how vulnerability management integrates with patch management, configuration management, endpoint protection, and network security technologies.
• Ability to interpret vulnerability data using industry standards (e.g., NIST, CVSS, MITRE ATT&CK), assess risk severity, and communicate findings to technical and non-technical stakeholders.
• Knowledge of governance processes supporting enterprise security compliance and the ability to prioritize remediation activities.

Qualifications

• Experience working in a shared services or multi-agency environment.
• Experience in systems administration, cloud engineering, or infrastructure support with responsibility for remediation or security hardening.
• Relevant industry certifications.

Additional Information

The Department of Administration is committed to providing equal employment opportunities to all applicants and does not discriminate on the basis of race, color, religion, sex (including pregnancy, childbirth, or related medical conditions including, but not limited, to lactation), national origin, age (40 or older), disability or genetic information.

Supplemental questions are considered part of your official application. Any misrepresentation will result in your disqualification from employment.

Please complete the state application to include all current and previous work history and education.

A resume will not be accepted nor reviewed to determine if an applicant has met the qualifications for the position.

The South Carolina Department of Administration offers an exceptional benefits package for full time (FTE) employees: