Sign upLog in

Windows Server 2025 CIS Hardening Consultant / Security Build Engineer

ECLARO

Oakland, CA

Apply
JOB DETAILS
SKILLS
Automation, Benchmarking, Build Management, Consulting, DNS (Domain Name System), Dental Insurance, Diversity, Documentation, Firewalls, Functional Testing, Genetics, Identify Issues, Internet Security, Microsoft Active Directory, Microsoft Hyper-V, Microsoft Product Family, Microsoft Windows Azure, Microsoft Windows NT Group Policy, Microsoft Windows Operating System, Microsoft Windows Server, Nessus, Regulatory Compliance, Risk, Scripting (Scripting Languages), Security Consulting, Security Information and Event Management (SIEM), Security Policy, Software Patches, U.S. National Institute of Standards and Technology (NIST), VMWare, Virtual Machine (VM), Vision Plan, Windows PowerShell
LOCATION
Oakland, CA
POSTED
1 day ago
Windows Server 2025 CIS Hardening Consultant / Security Build Engineer
Job Number: 26-00971

Use your skills where innovative technology solutions begin. ECLARO is looking for a Windows Server 2025 CIS Hardening Consultant / Security Build Engineer for our client in Oakland, CA.

ECLARO’s client is a leading technology solutions provider, collaborating with customers to manage their needs and achieve success in their business goals. If you’re up to the challenge, then take a chance at this rewarding opportunity!

Responsibilities:
  • Develop, validate, and document a CIS-hardened Windows Server 2025 golden image that can be used as the organization's standard server build image.
  • Review existing Windows Server build standards.
  • Identify applicable CIS benchmark profile, such as Level 1 Member Server.
  • Build or update Windows Server 2025 baseline image.
  • Apply CIS hardening settings through GPO, local policy, PowerShell, or build automation.
  • Run Tenable CIS benchmark scans against the image.
  • Remediate failed controls where technically feasible.
  • Document exceptions where controls cannot be applied due to operational impact.
  • Validate core functionality after hardening.
  • Create final golden image or VM template.
  • Provide implementation guide for future server builds.
  • Provide handoff documentation for Cybersecurity and Infrastructure teams.
  • Expected Deliverables:
    • CIS-hardened Windows Server 2025 golden image or VM template.
    • GPO / local policy configuration package.
    • Tenable CIS benchmark scan results before and after remediation.
    • Remediation tracker with pass / fail status.
    • Exception / risk acceptance register.
    • Build and deployment guide.
    • Rollback or troubleshooting notes.
    • Recommended patching and maintenance process.
    • Final handoff session with Cybersecurity, Systems, and NetOps teams.
  • Success Criteria:
    • Windows Server 2025 image is hardened against the agreed CIS benchmark profile.
    • Tenable compliance scan results are reviewed and documented
    • Exceptions are clearly justified and approved.
    • Image is operationally usable by Infrastructure teams.
    • Cybersecurity can approve the image as the organization's standard Windows Server 2025 baseline.

Required Skills:
  • Strong Windows Server 2022 / 2025 administration experience.
  • CIS Benchmark implementation experience for Windows Server.
  • Group Policy Object design and hardening.
  • Tenable / Nessus compliance scanning experience, including CIS benchmark scans.
  • PowerShell scripting for configuration validation and remediation.
  • Active Directory, DNS, local security policy, Windows Firewall, audit policy, and service hardening.
  • Experience with Microsoft security baselines.
  • Vulnerability remediation and exception documentation.
  • Golden image creation, Sysprep, VM templates, or image deployment process.
  • Security logging and Windows event forwarding / SIEM integration.
  • Ability to balance security hardening with operational compatibility.
  • The consultant should be able to work independently with Cybersecurity and Infrastructure
  • teams and should have hands-on experience implementing hardening controls, not just reviewing scan results.

Preferred Skills:
  • Experience with VMware, Hyper-V, Azure, or enterprise server image pipelines.
  • Experience with Defender for Endpoint or similar EDR.
  • Experience with STIG, NIST, or enterprise configuration compliance.
  • Experience creating build documentation and operational runbooks.

If hired, you will enjoy the following ECLARO Benefits:
  • 401k Retirement Savings Plan administered by Merrill Lynch
  • Commuter Check Pretax Commuter Benefits
  • Eligibility to purchase Medical, Dental & Vision Insurance through ECLARO

If interested, you may contact:
Lea Enriquez
leafer.enriquez@eclaro.com
646-695-2941
Lea Enriquez | LinkedIn

Equal Opportunity Employer: ECLARO values diversity and does not discriminate based on Race, Color, Religion, Sex, Sexual Orientation, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status, in compliance with all applicable laws.

About the Company

E

ECLARO

Eclaro is a Business and Technology Consulting Firm that connects top talent with opportunities nationwide. We have direct access to Hiring Managers from leading Fortune 1000 organizations in almost every industry segment, with particular expertise in:

• Technology and Business Consulting
• Financial Services and Insurance
• Pharmaceuticals and Life Sciences
• Consumer Products, Public Sector, and Utilities

Eclaro provides fully customizable, comprehensive talent acquisition and management of seasoned professionals through a number of business models, including:

• Consulting
• Professional Hiring
• Global Integrated Delivery™
• Managed Services

Eclaro recruits and manages a staff of highly skilled individuals in an array of specialized disciplines enabling our clients to leverage new opportunities, respond to increased and changing demands, and increase their profitability.

Eclaro’s Management Team averages over 25 years of experience in partnering with clients in technical, corporate operations and human capital solutions. We hold ISO 9001:2008 certification and have achieved SOC 2 Type 2 certification in Security, Availability and Confidentiality. Eclaro’s decades of expertise and collaborative practice have proven that The Right People are The Answer.

COMPANY SIZE
500 to 999 employees
INDUSTRY
Staffing/Employment Agencies
FOUNDED
1999
WEBSITE
http://www.eclaroit.com