What are the responsibilities and job description for the Enterprise Infrastructure Patch and Security Engineer position at Fire Fighter Sales & Service Co.?
Purpose
Reduce security risk and maintain patch compliance across Infrastructure Services using approved tooling and processes (Windows Server, Enterprise Linux, cloud/on‑prem, network devices, and assets in scope).
What You’ll Do
- Own Security Remediation Program management aligned to Security’s findings (Critical/High/Medium).
- Plan, schedule, and execute monthly OS patching (Windows/Linux) with canaries, maintenance windows, and rollback.
- Run zero-day/out‑of‑band patching with expedited assessment and change controls.
- Deliver extended remediations (cipher/protocol, file rights, 3rd‑party updates) and coordinate vendor engagement.
- Operate tooling: MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi; perform manual deployments where required.
- Manage quarterly component updates and certificate lifecycle (PKI/DigiCert), including self‑signed to PKI migration feasibility.
- Publish compliance reports, audit artifacts, and governance updates; chair weekly Security–Infrastructure standups.
- Maintain strong communication across IT teams, upholding established procedures, and helping drive continuous improvement in service performance and end-user satisfaction
What You’ll Bring
- 7–8 years in infrastructure security/patch management across Windows Server & Enterprise Linux (RHEL/others).
- Hands‑on experience with MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi/PKI.
- Strong ITIL change & incident management, CMDB updates, compliance reporting.
- Scripting skills (PowerShell/Bash/Python), canary strategies, rollback procedures.
- Nice‑to‑have: ITIL v4, Security , RHCSA/RHCE, Microsoft Certified, CCNA/CCNP, GIAC/GVM.