Windows 11 Security Hardening & Remediation Specialist-2026-51

emergiTEL

11h•Remote

About The Position

EmergiTEL is hiring a Windows 11 Security Hardening & Remediation Specialist for our client in the banking industry. This is a 6-month contract role. Our client is seeking dedicated Security Configuration Management (SCM) Lifecycle Specialists to lead and execute critical security hardening and remediation efforts. This project builds upon our existing operating system foundations to holistically secure our environment, minimize the attack surface, and achieve alignment with industry best practices (such as CIS Benchmarks and NIST). You will perform comprehensive gap analyses, collaborate with Cybersecurity Governance on the Configuration Hardening Standard review, and develop/implement robust hardening policies across our endpoint layers—bridging the gap between core OS configurations, specialized applications, and database layers.

Requirements

Deep technical knowledge of Windows enterprise security architecture (e.g., Credential Guard, Virtualization-based Security, BitLocker).
Advanced experience managing and deploying security policies via unified endpoint management platforms, including Omnissa Workspace One or Active Directory GPOs.
Proficiency in PowerShell for writing automated remediation and compliance-checking scripts.
Strong familiarity with CIS Benchmarks, NIST SP 800-53, or DISA STIGs specifically mapped to Microsoft environments.
5+ years of experience in Cybersecurity, Endpoint Engineering, or Infrastructure Security with a heavy focus on Configuration Management.
Proven track record of participating in large-scale enterprise remediation projects or compliance lifecycles.
Solid understanding of ports, protocols, and services management to support the project's network-layer scope.
Ability to translate complex compliance documents (like a Governance Standard) into technical, actionable engineering requirements.
Strong documentation skills for creating hardening standards, change management plans, and remediation playbooks.

Responsibilities

Conduct a deep-dive gap analysis of the current Windows fleet against Cybersecurity Governance Hardening Standards.
Work with the subject matter experts, security, and governance teams to derive hardened configuration baseline documentation in alignment with the Configuration Hardening Standard.
Author, refine, and maintain Group Policy Objects (GPOs), configuration profiles, and PowerShell remediation scripts.
Ensure Windows 11 endpoint security configurations seamlessly align with the hardening requirements of specialized local applications, databases, and refined port/protocol management.
Lead the phased rollout of OS-level hardening configurations across the enterprise, minimizing user disruption while maximizing defensive posture.
Partner with the Windows Engineering, Identity & Access Management (IAM), and Cybersecurity Governance teams to ensure compliance.
Training, testing and documentation is required to be delivered.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume