Job Description
Job Summary
About the Role:
We are building a Patching Center of Excellence (COE) to standardize patch governance, improve risk reduction, and enhance operational resilience. This role will analyse vendor patches and vulnerabilities, validate patch packages, coordinate testing windows, run post-patching security scans, and provide actionable risk and compliance reporting. The role is ideal for a junior manager with strong technical skills and a passion for operational security.
Key Responsibilities
Patch Intelligence & Analysis
Track vendor advisories (Microsoft, Red Hat, Apple, Adobe, Cisco, VMware, browser vendors).
Analyze CVEs, CVSS/EPSS scores, exploit maturity, KEV catalog entries, and asset exposure.
Recommend prioritization (e.g., weaponized, internet-facing, crown jewels, high business impact).
Patch Validation & Testing
Review patch metadata, supersedence, prerequisites, and rollback strategy.
Coordinate patch validation in UAT/Pilot rings; verify functional and security outcomes.
Document test cases, exceptions, application compatibility notes, and sign-off criteria.
Orchestration Support
Ensure maintenance window discipline, change records, and communications are tracked.
Post-Patch Security Assurance
Run/validate post-patching scans (e.g., Qualys/Tenable/Rapid7; Defender for Endpoint).
Investigate residual vulnerabilities, misconfigurations, failed installs, and drift.
Continuous Improvement
Contribute to SOPs, standards, and ring & rollback methodologies.
Attractive salary and benefits
Hybrid working mode
Full salary in probation & 13th month salary
Social insurance on full salary from probation
Extensive leave up to 18 days per year
Annual health check
Requirements
More than 3 years in Information Security/Endpoint Engineering/Vulnerability Management.
Hands-on with one or more patching stacks:
Windows: WSUS/SCCM/MECM, Intune, Defender for Endpoint.
Linux: Red Hat Satellite/YUM/DNF/APT; Ansible.
macOS: Jamf Pro, macOS update frameworks.
Endpoint/Server: Ivanti/Tanium; package validation & rollout.
Vulnerability scanning tools: Qualys, Tenable, Rapid7, Nessus; interpretation of findings.
Understanding of CVEs, CVSS, EPSS, KEV, exploit chains, and compensating controls.
Familiarity with change management (ITIL), maintenance windows, rollback plans.
Strong documentation, Excel/Power BI reporting, and stakeholder communication.
Education & Certifications
Bachelor's Degree, or related field (or equivalent experience).
Preferred: Security+, Azure Security Engineer, RHCSA, ITIL Foundation, CISSP (associate)
Other Information
Cyber Security
Information Security
BI
Windows
Linux
Mac OS
MS Excel
Redhat
Foundation
MS Azure
Ansible
ITIL
SCCM
WSUS
MS Power BI
CISSP
Qualys
MECM
Intune
Satellite
General Information
How to Apply
Candidates apply online by clicking the Apply button below:
Application deadline: 25/06/2026