Role Overview
Our client is launching a Patching Center of Excellence to standardize patch governance, reduce risk, and improve operational resilience. This hands-on manager role analyses vendor patches and vulnerabilities, validates packages, coordinates testing, runs post-patching scans, and produces risk and compliance reports. Ideal for a junior manager with strong technical skills and passion for operational security.
Main Responsibilities
- Monitor vendor advisories (Microsoft, Red Hat, Apple, Adobe, Cisco, VMware, others)
- Analyse vulnerabilities using Common Vulnerabilities and Exposures, Common Vulnerability Scoring System, Exploit Prediction Scoring System, Known Exploited Vulnerabilities, exploit maturity, and asset exposure
- Prioritize patches based on exploit status, internet exposure, critical assets, and business impact
- Validate patch content, prerequisites, supersedence, and rollback options
- Coordinate and document User Acceptance Testing and Pilot testing
- Support maintenance windows, change records, and communications
- Perform and verify post-patching scans (Qualys, Tenable, Rapid7, Defender for Endpoint)
- Investigate residual issues, misconfigurations, and failed deployments
- Contribute to Standard Operating Procedures and patching standards
Required Skills and Experience
- 6-10 years in Information Security, Endpoint Engineering, or Vulnerability Management
- Hands-on experience with patching tools in at least one platform:
- Windows: Windows Server Update Services, System Center Configuration Manager, Microsoft Endpoint Configuration Manager, Intune, Defender for Endpoint
- Linux: Red Hat Satellite, YUM, DNF, APT, Ansible
- macOS: Jamf Pro or native update tools
- Others: Ivanti, Tanium
- Proficient in vulnerability scanners (Qualys, Tenable, Rapid7, Nessus)
- Strong knowledge of Common Vulnerabilities and Exposures, Common Vulnerability Scoring System, Exploit Prediction Scoring System, Known Exploited Vulnerabilities, and compensating controls
- Familiar with Information Technology Infrastructure Library change management and rollback planning
- Excellent documentation, Microsoft Excel, Power Business Intelligence reporting, and communication skills
- Preferred certificates:
- CompTIA Security Plus
- Microsoft Azure Security Engineer
- Red Hat Certified System Administrator
- Information Technology Infrastructure Library Foundation
- Certified Information Systems Security Professional (associate level)
