Vulnerability & Patch Management Analyst

Job Description

Purpose of the Role:

The Patch & Vulnerability Analyst position is a hands-on role providing a broad range of support services across the VM and Patching product set. Working within the Team, you will provide support through your input to the running of the patch management toolset. Make sure that the patches are delivered within the timeframe and any issues are highlighted for potential backout.

This role would suit an individual who is looking to gain experience within a 3rd line support environment and a career in Security. We are looking for someone who has experience troubleshooting issues within a large organisation. The successful candidate will be dynamic, analytical and be able to come up with smart solutions. We are looking for a real problem solver.

Key Deliverables/Responsibilities

Patch Management:

Use patching tool to set up monthly patching cycle within the MS patch Tuesday cycle.
Schedule patching for MS and Applications within the estate.
Notify Application and Infra towers of potential patching date and cycles.
Manage and deliver out of band patches with both 3rd parties and internal areas.
Deliver agreed metrics on patching.

Vulnerability Management

Checking scans have ran and if not investigate and correct.
For any Critical or Exploited vulnerabilities, be able to check R7 IVM and MS TVM for assets affected and be able to report.
Responding to alerts and incidents, including root cause analysis for a “Fix Once” approach.
Management and completion of catalogue requests and project tasks assigned to the team.
Collaborate with the Security towers, and other IT functions, for problem resolution.
Help Deliver agreed metrics on VM.

Experience Required (Essential)

Good working knowledge of patching tools such as SCCM, Ivanti, Adaptiva OneSite etc.
Good knowledge of Rapid7 Nexpose and InsightVM or other VM tools such as Qualys or Tenable.
Good knowledge of MS Defender (TVM).
Good Microsoft Excel skills used to analyse vulnerability information.
Proactive work attitude, ability to work independently while still acting as part of a team.
Problem solving, a desire to maintain a “Fix Once” approach.
Experience with designing and writing troubleshooting guides (Knowledge base articles) for support teams.
Proven analytical and creative problem-solving abilities.
Great communicator, ability to convey technical information in a non-technical way.
Capable of providing support and training to upskill team members and support teams.

Experience Required (Desirable)

Knowledge of scripting such as VB Script, Powershell, Python etc.
Knowledge or use of API at rest.
A keen interest in IT Security with an appetite to learn.
A highly organized and detailed approach to tasks.
An analytical approach to problem solving.
Confident use of IT systems.
An excellent working knowledge of ServiceNow.
Able to discreetly handle confidential information.
Knowledge of Windows Server administration.