Purpose of this role
Reduce security risk and maintain patch compliance across Infrastructure Services using approved tooling and processes (Windows Server, Enterprise Linux, cloud/on‑prem, network devices, and assets in scope).
What You’ll Do
-
Own Security Remediation Program management aligned to Security’s findings (Critical/High/Medium).
-
Plan, schedule, and execute monthly OS patching (Windows/Linux) with canaries, maintenance windows, and rollback.
-
Run zero-day/out‑of‑band patching with expedited assessment and change controls.
-
Deliver extended remediations (cipher/protocol, file rights, 3rd‑party updates) and coordinate vendor engagement.
-
Operate tooling: MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi; perform manual deployments where required.
-
Manage quarterly component updates and certificate lifecycle (PKI/DigiCert), including self‑signed to PKI migration feasibility.
-
Publish compliance reports, audit artifacts, and governance updates; chair weekly Security–Infrastructure standups.
What You’ll Bring
-
5+ years in infrastructure security/patch management across Windows Server & Enterprise Linux (RHEL/others).
-
Hands‑on experience with MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi/PKI.
-
Strong ITIL change & incident management, CMDB updates, compliance reporting.
-
Scripting skills (PowerShell/Bash/Python), canary strategies, rollback procedures.
-
Nice‑to‑have: ITIL v4, Security+, RHCSA/RHCE, Microsoft Certified, CCNA/CCNP, GIAC/GVM.