Sign upLog in

Lead Enterprise Infrastructure Patch and Security Engineer

All Lines Technology

Hermitage, Pennsylvania

Apply
JOB DETAILS
SKILLS
Ansible, Bash Scripting, Calendar Management, Change Control, Change Management, Cisco Network Systems, Cloud Computing, DNA, Digital Certificates, Documentation, Enterprise Protection, Feasibility Analysis, IT Service Management (ITSM), ITIL (IT Infrastructure Library), Incident Management, Leadership, Linux Operating System, Machine Tool, Maintain Compliance, Microsoft Windows Operating System, Microsoft Windows Server, Operating Systems, Public Key Infrastructure (PKI), Python Programming/Scripting Language, Red Hat Linux Operating System, Risk Analysis, Risk Management, Scripting (Scripting Languages), Security Infrastructure, Security Monitoring, Security Patches, Software Patches, System Center Configuration Manager (SCCM), Windows PowerShell
LOCATION
Hermitage, Pennsylvania
POSTED
9 days ago

We are seeking a highly skilled Lead Infrastructure Security & Patch Management Engineer to reduce security risk and maintain patch compliance across Infrastructure Services. This role is responsible for managing enterprise-wide remediation efforts using approved tools and processes across Windows Server, Enterprise Linux, cloud and on-prem environments, network devices, and other in-scope assets.

Key Responsibilities

  • Own and manage the Security Remediation Program, ensuring alignment with Security findings (Critical, High, Medium).
  • Plan, schedule, and execute monthly operating system patching for Windows and Linux environments, including canary deployments, defined maintenance windows, and rollback strategies.
  • Lead zero-day and out-of-band patching efforts with expedited risk assessment and adherence to change control processes.
  • Deliver extended remediation activities, including updates to ciphers, protocols, file permissions, and third-party applications; coordinate with vendors as needed.
  • Administer and operate enterprise patching and security tooling, including MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, and Venafi, with manual deployments when required.
  • Manage quarterly component updates and oversee certificate lifecycle processes (PKI/DigiCert), including feasibility analysis for migrations from self-signed to PKI certificates.
  • Develop and publish compliance reports, audit documentation, and governance updates.
  • Facilitate and lead weekly Security–Infrastructure standups to track remediation progress and address risks.

Required Qualifications

  • 5+ years of experience in infrastructure security and patch management.
  • Strong expertise in Windows Server and Enterprise Linux environments (e.g., RHEL).
  • Hands-on experience with enterprise tools such as MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, and Venafi/PKI.
  • Solid understanding of ITIL processes, including change management, incident management, and CMDB maintenance.
  • Experience with compliance reporting and audit support.
  • Scripting proficiency in PowerShell, Bash, or Python.
  • Demonstrated experience with canary deployments and rollback procedures.

About the Company

A

All Lines Technology

Resume Resources

Free Resume TemplatesFree Resume Builder