Cybersecurity Analyst III, Patch Management

About The Position

Requirements

• Bachelors degree in Cybersecurity, Computer Science, Information Technology, or a related field. Work experience (4 years) may be substituted.
• Minimum of 5-7 (9+ if no degree) years of experience in a cybersecurity-related role or similar IT role, with a PM focus.
• In-depth knowledge of PM tools, patch deployment methodologies, and change management processes.
• Strong analytical, problem-solving, and risk assessment skills.
• Excellent communication (written and verbal) and interpersonal skills, with the ability to coordinate with various teams and stakeholders.
• Ability to work independently and collaboratively, managing multiple priorities and deadlines.
• Strong attention to detail and a commitment to accuracy.
• Demonstrated passion for cybersecurity and a commitment to continuous learning in the PM domain.
• Ability to travel to other HMH locations as needed.
• Proficient computer skills that may include but are not limited to Microsoft Office and/or Google Suite platforms.
• Certified in at least one of the following at hire or must obtain within one (1) year of hire: International Information System Security Certification Consortium (ISC2) Certification, Information Systems Audit and Control Association (ISACA) Certification, CompTIA Certification d. Global Information Assurance Certification (GIAC), Or other related cybersecurity certification

Nice To Haves

• Experience with enterprise PM solutions (e.g., System Center Configuration Manager [SCCM], Ivanti).
• Experience with automating patch deployment processes.
• Knowledge of operating systems and application security hardening.
• Experience with scripting languages (e.g., Python, PowerShell) for automating PM tasks.
• Experience with cloud security technologies and best practices (e.g., Amazon Web Services [AWS], Azure, Google Cloud Platform [GCP]).
• Familiarity and/or experience working in healthcare provider environments.
• In-depth knowledge of healthcare-specific regulations and standards (e.g., Health Insurance Portability and Accountability Act [HIPAA]/Health Information Technology for Economic and Clinical Health Act [HITECH]).
• Other relevant PM certifications.

Responsibilities

• Manage the PM lifecycle, including testing, deployment, and verification, according to established processes.
• Coordinate with DTS/IT teams and system owners to schedule and execute patch deployments, minimizing disruption to operations.
• Analyze patch release notes and cybersecurity advisories to assess patch applicability and potential impact.
• Develop and maintain PM reports and dashboards to monitor patch compliance.
• Evaluate and recommend improvements to PM tools and technologies.
• Manage patch exceptions and assist in developing mitigation strategies for non-compliant systems.
• Ensure adherence to PM policies and procedures.
• Monitor the latest patch releases, cybersecurity advisories, and PM best practices.
• Provide guidance and mentorship to peers and other personnel on PM best practices.
• Contribute to the development and maintenance of PM processes and procedures.
• Travel to any HMH location, possibly with minimal notice, to provide immediate on-site support for cybersecurity incidents, urgent investigations, or other critical requests from cybersecurity or hospital leadership.
• Other duties and/or projects as assigned.
• Adheres to HMH Organizational competencies and standards of behavior.