Systems Engineering Senior Specialist - vulnerability Remediation & Tanium Support

Systems Engineering- Vulnerability Remediation & Tanium Support (Grade 9)

NTT DATA strives to hire exceptional, innovative and passionate individuals who want to grow with us. If you want to be part of an inclusive, adaptable, and forward-thinking organization, apply now.

We are currently seeking a Systems Engineering Senior Specialist-Vulnerability Remediation & Tanium Support to join our team in Bangalore, Karnātaka (IN-KA), India (IN).

Experience

7–11 years of experience in enterprise endpoint management with hands-on specialization in Tanium platform deployment and support.

Role Overview

This role is responsible for deploying, configuring, and supporting the Tanium platform across enterprise endpoint environments including Vulnerability Remediation. The engineer will manage Tanium infrastructure components, onboard endpoints, configure and administer Tanium modules, and provide L2 support for platform and endpoint issues. Working under senior guidance, the role contributes to platform stability, endpoint visibility, and operational efficiency across the managed device fleet.

Tanium Platform Deployment

• Deploy and configure Tanium Server, Tanium Module Server, Zone Proxies, and Tanium Client across enterprise environments.
• Vulnerability remediation using Tanium Comply, Detect, Patch, and custom remediation packages.
• Collaborate with security teams (SOC, Threat Management, GRC) to align remediation with vulnerability SLAs and compliance frameworks
• Drive security hardening programs across endpoints using custom sensors, packages, and benchmarks.
• Execute Tanium platform deployments following defined architecture standards, deployment runbooks, and organizational guidelines.
• Manage Tanium Client deployment at scale across Windows, Linux, and macOS endpoints using GPO, SCCM, Intune, and script-based methods.
• Configure Tanium Zone Proxies for DMZ and remote site endpoint connectivity and visibility.
• Set up and configure Tanium modules post-deployment including Tanium Patch, Deploy, Interact, Inventory, Comply, and Connect.
• Manage Tanium platform SSL certificates, authentication configurations, and RBAC role assignments during and post-deployment.
• Execute Tanium platform upgrades, module updates, and hotfix deployments following change management procedures.
• Validate post-deployment platform health — server connectivity, client registration rates, module functionality, and data accuracy.
• Document deployment configurations, architecture decisions, and post-deployment validation results for knowledge transfer.
• Support proof-of-concept (POC) and pilot deployments for new Tanium modules or platform expansions.

Tanium Platform Administration & Support

• Administer day-to-day Tanium platform operations including server health monitoring, client connectivity, and module performance.
• Monitor Tanium Server and Module Server health, disk utilization, database performance, and service availability.
• Manage Tanium Client health across the endpoint fleet — identify and remediate non-reporting, unhealthy, or disconnected endpoints.
• Configure and maintain Tanium computer groups, management rights, and content set assignments for organized endpoint management.
• Develop and maintain Tanium saved questions, sensors, and packages for endpoint data collection and targeted actions.
• Manage Tanium action approvals, deployment targeting, and action history reviews for audit and governance compliance.
• Support Tanium RBAC configuration — user roles, permissions, computer group access, and content set boundaries.
• Troubleshoot Tanium Client registration failures, SSL errors, and connectivity issues between clients and Zone Proxies.
• Perform routine Tanium platform maintenance — database cleanup, log management, index optimization, and performance tuning.
• Handle L2 escalations for Tanium platform issues, documenting root cause findings and resolution steps.

Tanium Module Operations

• Operate and support Tanium Patch for enterprise patch deployment — configure patch lists, maintenance windows, and deployment targeting.
• Manage Tanium Deploy for software distribution — create software packages, define deployment configurations, and monitor rollout success.
• Use Tanium Interact for real-time endpoint querying, ad-hoc diagnostics, and targeted endpoint actions.
• Administer Tanium Inventory for software and hardware asset discovery, tracking, and reporting across managed endpoints.
• Support Tanium Comply operations — scan endpoints against CIS and STIG benchmarks and report compliance posture.
• Configure Tanium Connect for data export integration with SIEM, ITSM, and reporting platforms.
• Monitor module-specific dashboards and act on non-compliant or at-risk endpoint findings within defined SLA windows.
• Assist in developing Tanium Comply benchmark customizations and tailored compliance profiles under senior guidance.

Endpoint Onboarding & Client Management

• Manage end-to-end Tanium Client onboarding for new endpoints, sites, and organizational units.
• Coordinate endpoint onboarding activities with infrastructure, desktop, and server teams to ensure full platform coverage.
• Validate client registration, sensor data accuracy, and module functionality for newly onboarded endpoints.
• Manage client configuration files, tanium-init.dat distribution, and client version standardization across the fleet.
• Support decommissioning and offboarding of endpoints from the Tanium platform following defined procedures.
• Track onboarding progress and report endpoint coverage metrics to senior engineers and management.

Scripting & Automation

• Develop PowerShell and Batch scripts to automate Tanium Client deployment, health checks, and remediation tasks.
• Create Tanium packages and action scripts for remote automated fixes, software installations, and configuration changes.
• Write Tanium Relevance-based sensors for custom endpoint data collection and targeted group scoping.
• Assist in developing Tanium REST API integrations for reporting automation and ITSM ticket workflows under senior guidance.
• Maintain a library of tested Tanium packages, scripts, and deployment runbooks for team reuse.

Secondary Platform Support

• Working knowledge of SCCM / Microsoft Intune for hybrid endpoint environments where Tanium coexists with Microsoft tooling.
• Support Tanium Client deployment leveraging SCCM and Intune as distribution mechanisms for managed endpoints.
• Assist in troubleshooting endpoint management conflicts between Tanium and co-existing SCCM/Intune tooling.

Collaboration & Service Excellence

• Collaborate with infrastructure, security, desktop, and server teams to support Tanium deployment and operational activities.
• Participate in change management processes for all Tanium platform configuration changes and deployments.
• Contribute to Tanium knowledge base articles, deployment SOPs, and operational runbooks.
• Escalate complex platform issues to senior Tanium engineers with detailed diagnostic information and troubleshooting notes.
• Support audit and compliance activities by providing Tanium platform configuration documentation and endpoint coverage reports.
• Assist in mentoring lower Grade engineers on Tanium platform fundamentals and endpoint support best practices.

Required Skills

• HCL Tanium — Server, Module Server, Zone Proxy, and Client deployment and administration (intermediate to advanced level)
• Tanium Patch, Deploy, Interact, Inventory, Comply, Connect — module configuration and operations
• Tanium Client deployment via GPO, SCCM, Intune, and PowerShell scripting
• Tanium sensor, package, and saved question development
• Vulnerability Remediation
• Understanding of CVEs
• Tanium RBAC — user roles, computer groups, content set management
• Tanium Relevance Language for custom sensor and targeting development
• PowerShell and Batch scripting for Tanium automation and client management
• Tanium Connect integration with SIEM and ITSM platforms
• Windows, Linux, and macOS endpoint management fundamentals
• SCCM / Microsoft Intune — working knowledge for co-managed environments
• ITSM tools — ServiceNow or equivalent for incident and change management
• Good communication, documentation, and cross-team collaboration skills
• Ability to manage multiple concurrent deployment tasks and support activities

Preferred