Enterprise Infrastructure Patch and Security Engineer

All Lines Technology

$100K — $130K *
US-AnywhereRemote in Hermitage, PA
Information Technology
5 - 7 years of experience
3 weeks ago
Job Overview by Ladders

Qualifications

  • 5+ years of experience in infrastructure security and patch management for Windows Server and Enterprise Linux (RHEL/others).
  • Hands-on expertise with key tools like MECM/SCCM, Ansible, and Rapid7.
  • Strong knowledge of ITIL processes including change and incident management.
  • Proficiency in scripting with PowerShell, Bash, or Python.
  • Certifications such as ITIL v4, Security+, and RHCSA/RHCE are desirable.

Responsibilities

  • Own the management of the Security Remediation Program based on identified security findings.
  • Plan and execute monthly patching schedules for both Windows and Linux operating systems.
  • Handle zero-day patching with quick assessments and established change controls.
  • Deliver extensive remediations involving ciphers, protocols, and vendor coordination.
  • Operate required tooling and perform manual deployments when necessary.
  • Manage quarterly updates and the lifecycle of certificates.
  • Publish compliance reports and facilitate weekly Security-Infrastructure meetings.

Benefits

  • Health insurance, including medical, dental, and vision coverage.
  • 401(k) retirement plan with company matching.
  • Flexible work schedule and remote work opportunities.
  • Professional development and training resources.
  • Generous paid time off (PTO) policy.
Full Job Description
Purpose of this role
Reduce security risk and maintain patch compliance across Infrastructure Services using approved tooling and processes (Windows Server, Enterprise Linux, cloud/on-prem, network devices, and assets in scope).

What You'll Do
  • Own Security Remediation Program management aligned to Security's findings (Critical/High/Medium).
  • Plan, schedule, and execute monthly OS patching (Windows/Linux) with canaries, maintenance windows, and rollback.
  • Run zero-day/out-of-band patching with expedited assessment and change controls.
  • Deliver extended remediations (cipher/protocol, file rights, 3rd-party updates) and coordinate vendor engagement.
  • Operate tooling: MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi; perform manual deployments where required.
  • Manage quarterly component updates and certificate lifecycle (PKI/DigiCert), including self-signed to PKI migration feasibility.
  • Publish compliance reports, audit artifacts, and governance updates; chair weekly Security-Infrastructure standups.

What You'll Bring
  • 5+ years in infrastructure security/patch management across Windows Server & Enterprise Linux (RHEL/others).
  • Hands-on experience with MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi/PKI.
  • Strong ITIL change & incident management, CMDB updates, compliance reporting.
  • Scripting skills (PowerShell/Bash/Python), canary strategies, rollback procedures.
  • Nice-to-have: ITIL v4, Security+, RHCSA/RHCE, Microsoft Certified, CCNA/CCNP, GIAC/GVM.
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at All Lines Technology

More Information Technology Jobs

Find similar Enterprise Infrastructure Patch and Security Engineer jobs:

NationwideRemote