Patch Strategy Development: Design and implement a comprehensive patch management strategy to ensure all systems and applications are maintained in accordance with client policies and SLAs, and in response to security vulnerability reporting.
Patch Deployment: Oversee the deployment of patches and updates across the enterprise, ensuring compatibility of application dependencies and coordinating deployment windows to maintain service availability.
Monitoring and Reporting: Set up monitoring solutions to track the status of patch deployments, generate reports on compliance levels, and identify any outstanding vulnerabilities.
Certificate Management: Manage the lifecycle of TLS/SSL certificates, including generation, monitoring, updating, and remediation to ensure secure communications across systems.
Collaboration: Work closely with IT operations, security teams, and application owners to coordinate patching efforts and ensure alignment with overall security policies.
Vulnerability Management: Conduct regular vulnerability assessments to identify and prioritize patches based on risk and develop remediation plans.
Documentation: Maintain detailed documentation for patch management processes, including schedules, patch inventories, and compliance reports to support audits and reviews.
Troubleshooting and Support: Provide support for issues arising from patching activities, including troubleshooting failures and performing root cause analysis.
Technical Skills
Operating Systems: Strong experience with patch management across various operating systems, including Windows, Linux, and containers.
Patch Management Tools: Proficiency with patch management tools such as Microsoft WSUS, SCCM, or third-party solutions like Ivanti or Tanium.
Certificate Management: Experience with managing TLS/SSL certificates and PKI.
Scripting Skills: Familiarity with scripting languages (e.g., PowerShell, Bash) to automate patch management tasks.
Security Best Practices: Understanding of security best practices and frameworks to ensure compliance with industry standards (e.g., NIST, ISO 27001, SOC II Type 2, TISAX)
Network Management: Knowledge of network security protocols and practices related to patch management and system hardening.
Version Control: Experience with version control systems to manage changes in configuration and patch scripts.
Preferred Qualifications
Agile Methodologies: Experience working in Agile environments, contributing to sprint planning and backlog management.
Incident Response: Familiarity with incident response processes and the role of patch management in mitigating security incidents.
Compliance Frameworks: Knowledge of regulatory compliance requirements (e.g., PCI-DSS, HIPAA) as they pertain to patch management.