Job Summary:
We are seeking a skilled and experienced BigFix Compliance Administrator to manage, maintain, and improve the BigFix Compliance module. The candidate will be responsible for ensuring that all systems and applications within the organization comply with internal policies and external regulatory requirements. This role requires deep knowledge of IBM BigFix, specifically its Compliance module, and the ability to work collaboratively with IT teams to enforce security policies and remediate vulnerabilities.
Key Responsibilities:
- BigFix Administration:
- Manage and maintain BigFix Compliance module and policies across a large enterprise environment.
- Develop and enforce security and compliance baselines based on industry standards (e.g., CIS, DISA STIG, etc.).
- Customize compliance checks to meet organizational security and compliance requirements.
- Oversee and execute compliance-related tasks such as patch management, endpoint auditing, and system hardening.
- Compliance Monitoring & Reporting:
- Ensure systems comply with regulatory requirements (e.g., SOX, HIPAA, PCI DSS) and internal security policies.
- Generate and analyze compliance reports, providing detailed insights and remediation actions for non-compliant systems.
- Provide real-time compliance monitoring and reporting to ensure continuous improvement in security posture.
- Security & Vulnerability Management:
- Collaborate with security teams to detect and remediate ulnerabilities based on compliance standards.
- Ensure that endpoint security policies are enforced across all devices and systems, providing secure configurations.
- Policy Management:
- Assist in defining and configuring security policies using BigFix Compliance to meet industry benchmarks.
- Regularly update and manage custom content such as fixlets and baselines to reflect changing security policies and standards.
- Collaboration & Support:
- Work closely with IT infrastructure, security, and operations teams to ensure smooth BigFix deployment and policy enforcement.
- Provide technical expertise and support to resolve BigFix Compliance issues in a timely manner.
- Assist in audits by providing accurate compliance data and reports to internal and external auditors.
- System Maintenance & Optimization:
- Perform regular maintenance, tuning, and optimization of the BigFix platform to ensure high performance and reliability.
- Implement automation scripts and configurations for compliance assessments and remediation tasks.
Required Qualifications:
- Education:
- Bachelor’s degree in Computer Science, Information Technology, or related field (or equivalent work experience).
- Experience:
- 3+ years of experience with IBM BigFix platform, particularly in Compliance management.
- Proven track record in managing compliance and security policies in large-scale enterprise environments.
- Hands-on experience with regulatory compliance frameworks such as CIS, DISA STIG, PCI DSS, HIPAA, and others.
- Skills & Knowledge:
- Strong knowledge of the BigFix Compliance module and ability to customize compliance checks.
- Expertise in security standards, compliance baselines, and regulatory requirements.
- Proficiency in scripting languages (e.g., PowerShell, VBScript) and creating custom content (fixlets, tasks).
- Experience with reporting and analytics tools for compliance monitoring.
- Familiarity with server and endpoint security hardening.
- Soft Skills:
- Strong analytical and problem-solving skills.
- Excellent communication and collaboration skills to work with cross-functional teams.
- Detail-oriented with a focus on accuracy and completeness in reporting and documentation.
Preferred Qualifications:
- Certifications such as HCL Bigfix Certified Professional
- Experience with other BigFix modules (Lifecycle, Inventory, Patch Management).
- Knowledge of Bigfix relevance query languages.
- Familiarity with vulnerability management tools and frameworks.