Sr. Enterprise Infrastructure Patch & Security Lead

Purpose Reduce security risk and maintain patch compliance across Infrastructure Services using approved tooling and processes (Windows Server, Enterprise Linux, cloud/on-prem, network devices, and assets in scope). What You'll Do Own Security Remediation Program management aligned to Security's findings (Critical/High/Medium). Plan, schedule, and execute monthly OS patching (Windows/Linux) with canaries, maintenance windows, and rollback. Run zero-day/out-of-band patching with expedited assessment and change controls. Deliver extended remediations (cipher/protocol, file rights, 3rd-party updates) and coordinate vendor engagement. Operate tooling: MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi; perform manual deployments where required. Manage quarterly component updates and certificate lifecycle (PKI/DigiCert), including self-signed to PKI migration feasibility. Publish compliance reports, audit artifacts, and governance updates; chair weekly Security-Infrastructure standups. Maintain strong communication across IT teams, upholding established procedures, and helping drive continuous improvement in service performance and end-user satisfaction What You'll Bring 7-8+ years in infrastructure security/patch management across Windows Server & Enterprise Linux (RHEL/others). Hands-on experience with MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi/PKI. Strong ITIL change & incident management, CMDB updates, compliance reporting. Scripting skills (PowerShell/Bash/Python), canary strategies, rollback procedures. Nice-to-have: ITIL v4, Security+, RHCSA/RHCE, Microsoft Certified, CCNA/CCNP, GIAC/GVM.

Created: 2026-03-10