SCCM Patching Engineer – Vulnerability Management (Windows Systems)

Job Description

1. Vulnerability Mitigation:

o Perform daily and monthly vulnerability mitigation activities based on vulnerability assessment (VA) reports.

o Prioritize and remediate critical and high vulnerabilities within defined SLAs.

2. VA Scan Report Analysis:

o Review and analyze VA scan reports generated from Tenable Security Center or similar tools.

o Coordinate with system owners and security teams for timely remediation and closure of findings.

3. Server Patching (SCCM / WSUS):

o Deploy Windows updates, hotfixes, and security patches using SCCM on a daily and monthly cycle.

o Ensure compliance with patching policies and maintain system stability post-deployment.

o Perform patch testing and validation before production rollout.

4. Third-Party & Non-Windows Software Updates:

o Install and update non-Windows software (e.g., Java, Adobe, Chrome, WinSCP, etc.) through SCCM or manual deployment as required.

o Maintain version compliance across all systems.

5. Project-Based Software Installation:

o Support additional software installation requests as per project demands.

o Validate security compliance of software before deployment.

6. Vulnerability Compliance Maintenance:

o Ensure that breached vulnerability counts remain at zero by continuously monitoring and patching all critical systems.

o Generate and maintain compliance and remediation reports.

7. Tenable Security Center Knowledge:

o Possess basic working knowledge of Tenable Security Center for vulnerability analysis, report interpretation, and tracking remediation progress.

8. Reporting & Documentation:

o Generate daily/weekly/monthly reports for patch compliance, vulnerability mitigation, and exception handling.

o Maintain accurate patching documentation and change records (as per ITIL standards).

Required Skills & Experience:

• Technical Expertise:

o Strong hands-on experience with Microsoft SCCM (System Center Configuration Manager) or Microsoft Endpoint Configuration Manager (MECM).

o Proficiency in Windows Server administration (2012/2016/2019/2022) environments.

o Basic understanding of Tenable Security Center, Nessus, or equivalent vulnerability assessment tools.

o Familiarity with patch deployment automation, compliance reporting, and troubleshooting failed patches.

o Experience in managing third-party software patching and updates.

• Soft Skills:

o Strong analytical and problem-solving skills.

o Ability to work independently and under minimal supervision.

o Good communication and coordination skills to work with security and operations teams.

o Documentation and reporting proficiency (Excel, Power BI, or SCCM reports).

Desired Candidate Profile

Any Nationality

Any Graduation

Any

Qualifications:

• Bachelor’s degree in computer science, Information Technology, or a related field.

• Microsoft certification (MCSA / MCSE / Microsoft Endpoint Manager) preferred.

• ITIL Foundation certification is an advantage.

• Minimum 3–5 years of experience in patch and vulnerability management.

Performance Indicators (KPIs):

• 100% patch compliance on critical systems.

• Zero breached vulnerabilities maintained consistently.

• Timely remediation of all high and critical VA findings.

• Accurate and timely submission of monthly patch and vulnerability reports.

Contact number 0501462903