Job ID 369794
The position is responsible for operational support and management for operating system patching activities covering the global user workstation landscape.
This position will require deep analytical thinking with the ability to combine security related information from multiple data sources and using that data to determine deployment methods and timelines for software patches, registry updates, and other security related configurations. The Engineer will work with business units to plan and coordinate the patching activities with a focus on minimizing business impact during the event and ensuring systems are returned to optimal state after patching activities have been completed.
In addition to patch management functions the team will also be responsible for the entire system lifecycle related to compliance which will include hardening for system builds, ongoing CIS standards, and compliance related configuration management.
This position will require working during business offer hours and weekends in order to minimize impact during the patching events.
- Develop and optimize pre- and post- patching process to ensure proper implementation without any outages.
- Evaluate patches based on risks and prioritize fixes in order to meet pre-determined deployment timelines for the patch risk level.
- Coordinate patch schedule with business units and other internal teams such as infrastructure management, security operations, governance & risk.
- Have the ability to create deployment patch packages using tools such as ManageEngine Patch Manager Plus, SCCM, WSUS, SolarWinds Patch Manager.
- Ensure patches are deployed and tested in pilot groups prior to full deployment to all user systems.
- Able to remediate vulnerabilities. Often, requiring fixes beyond system patches, which could include items like changing registry values, firewall changes, and other configuration items.
- Assist in the process for vulnerability and patch management ensuring they are compatible with the company’s business needs and strategic objectives.
- Research, evaluate, develop, design and implement patch remediation standards following industry best practices
- Develop and implement patch and vulnerability remediation process including package creation, testing and deployment.
- 4+ years of experience with Windows Operating Systems
- 4+ years of experience with patching tools like ManageEngine Patch Manager Plus, SCCM, WSUS, Patch Manger, RedHat Satellite.
- 3+ years of experience with VMWare virtualization environments
- 3+ years of experience working with Azure (or other Cloud environments)
- 4+ Experience with automation tools/frameworks to include scripting tools such as PowerShell, Bash, Ansible
- Proficient with Active Directory structure and Group Policy Management
- Excellent written and verbal communication skills
- Solid knowledge of Infrastructure and Operations management and service delivery
- Solid understanding of Data Center, Cloud, and various Infrastructure Hosting models
- Experience managing large and complex infrastructures in high availability environments
- Strong analytical and problem-solving skills
- Comfortable speaking with all levels of staff
- Strategic problem-solving and decision-making abilities
Technical Skills Proficiency Level Required (R) /Optional (O)
Proficient with one or more Patch
Management Tools (RedHat Satellite) 4 R
Proficient with trouble ticketing
systems (i.e. ServiceNow) 3 R
Proficient with Security Scanning )
Software (Tenable, Rapid7, Qualys 4 R
Proficient with Microsoft Windows 4 R
Proficient with VMWare
virtualization environments 4 R
Proficient with Scripting Languages
(Powershell, Bash) 4 R
Proficient with Automation Frameworks
such as Ansible 4 R
Proficient with Cloud services such
as Azure or AWS 2 R
Knowledge of Reporting tools such
as PowerBI 2 R
Knowledge of Agile frameworks
(Agile, Scrum, Kanban) 2 R