Enterprise Infrastructure Patch and Security Engineer
Fire Fighter Sales & Service Co.•Hermitage, PA
•Onsite
About The Position
Reduce security risk and maintain patch compliance across Infrastructure Services using approved tooling and processes (Windows Server, Enterprise Linux, cloud/on‑prem, network devices, and assets in scope).
Requirements
- 5+ years in infrastructure security/patch management across Windows Server & Enterprise Linux (RHEL/others).
- Hands‑on experience with MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi/PKI.
- Strong ITIL change & incident management, CMDB updates, compliance reporting.
- Scripting skills (PowerShell/Bash/Python), canary strategies, rollback procedures.
Nice To Haves
- ITIL v4
- Security+
- RHCSA/RHCE
- Microsoft Certified
- CCNA/CCNP
- GIAC/GVM
Responsibilities
- Own Security Remediation Program management aligned to Security’s findings (Critical/High/Medium).
- Plan, schedule, and execute monthly OS patching (Windows/Linux) with canaries, maintenance windows, and rollback.
- Run zero-day/out‑of‑band patching with expedited assessment and change controls.
- Deliver extended remediations (cipher/protocol, file rights, 3rd‑party updates) and coordinate vendor engagement.
- Operate tooling: MECM/SCCM, Ansible, Rapid7, Ivanti ITSM, Cisco DNA, Panorama, Venafi; perform manual deployments where required.
- Manage quarterly component updates and certificate lifecycle (PKI/DigiCert), including self‑signed to PKI migration feasibility.
- Publish compliance reports, audit artifacts, and governance updates; chair weekly Security–Infrastructure standups.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
Associate degree
