Apply now »

Technical Analyst

Technical Analyst

Job Responsibilities:


70% of the role will be focused on the process of technical patch and vulnerability remediation to mitigate non-compliance risks – purely over all the different types of patch management in the IT infrastructure environment:

•    Possess strong understanding in the end to end patch management process across all the flavours of patches (Microsoft security patch, application patch, OS level patch, Server patch, etc.).
•    Delivering a standard approach to Windows security patch management and software deployment
•    Shall review, coordinate and deploy monthly security patches for client and server environments (Microsoft security patch, application patch, OS level patch, etc.) 
•    Pro-actively log incidents and changes (with CAB representation) to carry out remedial work or repeat deployments (coordinate remediation activities)
•    Deploying applications via SCCM – including monitoring, troubleshooting failed deployments and reporting
•    Research the latest information technology (IT) security bulletins for Microsoft products and 3rd party applications
•    Working closely with other technical and non-technical teams to coordinate changes and any emergency patching work that is required 
•    Analyse and remediate findings from vulnerability and patching scans using the appropriate tools and resources
•    Analyse the risk posed from specific vulnerabilities/threats in order to create the appropriate treatment plan for remediation and progress 
•    Perform assurance/health checks on compliance and configuration
•    Share communications - translate complex matters for various stakeholders and responding to the latest threats/risks (includes the creation of compliance reporting with running commentary on gaps in compliance and progress along with stakeholder management)
•    Monitoring and reporting of security patches and software deployments and remediation tracking

30% of the role will be governance and procedure related:

•    Assist in ensuring that procedures and reporting are documented and known to the appropriate stakeholders, that includes,
o    Compliance reporting 
o    Patch procedures are standard across teams 
o    Procedures for identifying assets in scope are standard and fit for purpose
•    Owning patch issues specific to customers when they occur and giving regular, credible and contextualised progress updates 
•    Assist in the vital creation and adherence of ‘Master Patch Records’ which aid stakeholders in clearly understanding patch scope and approved products, roles and responsibilities and patch frequency of applications on a given estate 
•    Investigation and post incident assessment of and response to high impact vulnerabilities and malware/virus outbreaks – liaising with appropriate teams 
•    OS hardening (Patch configuration) and security recommendations 
Additional requisites:

- Broad technical background / understanding with experience in patch and deployment, specifically Microsoft security patching
•    Shall be experienced in supporting/administrating Windows operating systems, Microsoft SCCM & WSUS (Including building collections and deploying applications and patching), and associated troubleshooting
•    Ability to work effectively as part of a team
•    Pro-active in finding solutions to problems and improvements to the service we provide
•    Experienced in security/patch compliance investigations
•    Experience in generating management compliance reporting
•    Ability to influence stakeholders on good security practice
•    Required experience or knowledge of patching tools such as (In order of importance)
o    MS SCCM / Current Branch
o    WSUS
o    Tanium (Not vital)
o    Flexera CSI (Not vital)

•    Experience or knowledge of Windows Server OS, Active Directory, Group Policy and Systems Admin/Configuration in the context of good security practice and hardening 
•    Adherence to associated ITIL disciplines (Change, Release, Incident and Problem management) 
•    Acting at times as a point of contact for release management deployment schedules 
 

Apply now »