Enterprise Patch Management Specialist
Satwic Inc · Glendale, AZ · 6 days ago
On-siteOTHROther
Scope of Work
Staff Augmentation: Provide qualified Patch Management Specialist with relevant qualifications and experience, with on-site presence required.
- Manage and maintain the enterprise patch management lifecycle across Windows, Linux, VMware, and third-party application environments.
- Utilize Microsoft Intune and Microsoft Endpoint Configuration Manager (MECM/SCCM) to deploy, manage, monitor, and report on endpoint and server patch compliance.
- Develop and maintain patch management policies, procedures, standards, and operational documentation.
- Perform testing, validation, deployment, and rollback planning for operating system and application updates.
- Administer Windows Server and Windows workstation patching activities.
- Administer Linux patching activities, including Red Hat Enterprise Linux (RHEL), Ubuntu, Rocky Linux, and CentOS environments using Ansible.
- Manage VMware ESXi host, vCenter, and VMware infrastructure patching and upgrades.
- Deploy and manage patches for third-party applications, including Adobe products, Google Chrome, Mozilla Firefox, Java, Citrix, Zoom, Oracle products, and other enterprise software.
- Utilize patch catalogs and software packaging solutions within MECM and Intune to automate third-party application deployment and patching.
- Clock in monthly and emergency patch deployment cycles.
- Identify, prioritize, and remediate vulnerabilities discovered through Qualys, Rapid7, Microsoft Defender Vulnerability Management, or similar vulnerability management platforms.
- Analyze vulnerability scan results and develop remediation plans based on business risk and system criticality.
- Maintain enterprise patch compliance levels in accordance with cybersecurity and regulatory requirements.
- Troubleshoot failed deployments and remediation issues across endpoints, servers, and virtual infrastructure.
- Create executive and operational dashboards and reports demonstrating patch compliance and remediation performance.
- Support audit readiness and provide evidence for internal and external assessments.
- Collaborate with cybersecurity teams to support vulnerability management programs and reduce organizational risk.
- Automate patch management tasks using PowerShell, Bash, Python, Ansible, or similar scripting tools.
- Sustain emergency mitigation efforts for critical vulnerabilities and zero-day threats.
- Support change management processes and maintenance window coordination.
- Maintain accurate patching records, exceptions, and remediation tracking documentation.
Qualifications
- Proven experience in enterprise patch management and systems administration.
- Strong experience patching and supporting Microsoft Windows Server and Windows desktop operating systems.
- Strong experience patching Linux operating systems, including RHEL, Ubuntu, Rocky Linux, and CentOS.
- Experience administering VMware ESXi and VMware vCenter environments.
- Extensive hands-on experience with Microsoft Intune and Microsoft Endpoint Configuration Manager (MECM/SCCM).
- Experience managing and patching third-party applications across enterprise environments.
- Experience with Windows Update for Business (WUfB) and Microsoft cloud-based update management.
- Familiarity with Microsoft Defender for Endpoint and Defender Vulnerability Management.
- Experience with vulnerability management platforms such as Tenable, Qualys, Rapid7, or similar tools.
- Knowledge of NIST Cybersecurity Framework (CSF), NIST SP 800-53, CIS Benchmarks, and cybersecurity best practices.
- Understanding of change management and operational processes.
- Experience supporting audit and compliance activities.
- Strong troubleshooting, analytical, documentation, and communication skills.
- Ability to work effectively with both technical and non-technical stakeholders.