Principal, Patching and Vulnerability

About The Position

Requirements

• Extensive experience in server and network administration across on-premises and AWS cloud environments, as well as vulnerability management.
• Proven ability to design robust, scalable, and secure vulnerability management solutions in hybrid infrastructure settings.
• Demonstrated experience coordinating patching activities across multiple infrastructure teams, including the ability to drive accountability and execution without direct authority over all participating teams.
• Demonstrated leadership in designing workflows, automation, and governance frameworks that maximize the value of vulnerability management systems, including seamless integration with enterprise infrastructure.
• Strong cross-domain expertise bridging security and IT best practices regarding patching and vulnerability management across mixed on-premises and cloud environments.
• Visionary thinking around continuous patching models, with experience or strong familiarity with strategies that support near-real-time remediation in high-availability or 24/7 production environments (e.g., rolling patch windows, blue/green deployment models, live patching technologies).
• Commitment to innovation and operational excellence, with a track record of driving technical depth and broad domain knowledge in vulnerability management initiatives.
• Vulnerability scanning and assessment (Qualys preferred)
• Patch lifecycle management
• CVE analysis and risk-based prioritization
• CVSS scoring and vulnerability remediation frameworks
• Zero-day and critical vulnerability response
• ServiceNow Security Vulnerability Response (SVR) module
• Qualys-to-ServiceNow integration and workflow configuration
• Understanding of patch management infrastructure for on-prem and cloud based environments.
• Familiarity with enterprise server environments including Windows Server, Linux (RHEL), and VMware/vSphere patching workflows
• Understanding of enterprise storage and firmware update coordination across SAN/NAS platforms
• Bachelor’s degree in Computer Science, Engineering, or other related field, or equivalent experience
• 7+ Years Patching and Vulnerability management Hands-on IT or security operations experience
• Industry recognized certifications (CISSP, ITIL, etc)

Responsibilities

• Serve as the principal architect dedicated to the design and architecture of OCC's patching and vulnerability management program across on-premises and AWS cloud environments.
• Ensure robust, scalable, and secure vulnerability management across the organization by translating complex business requirements into technical solutions that align with industry best practices and regulatory standards.
• Lead efforts to optimally integrate the Vulnerability Management endpoint and network scanning solution (currently Qualys) with the ServiceNow Security Vulnerability Response module.
• Serve as the central coordinator for all patching and vulnerability management activities across the organization.
• Work directly alongside infrastructure teams including server, network, and cloud engineering to plan, schedule, and help execute patching cycles.
• Provide technical leadership in designing workflows, automation, and governance frameworks that maximize the value of the vulnerability management system.
• Work with Security and End User Experience SMEs to ensure seamless integration between Qualys and ServiceNow to enable unified policy enforcement and lifecycle management for vulnerabilities across both on-premises and cloud-based infrastructure.
• Aggressively drive the development and maturation of a patching strategy that progressively moves the organization toward near-real-time vulnerability remediation without disrupting a 24/7 production environment.
• Proactively assess architectural barriers, evaluate emerging tooling and automation approaches, and build the operational foundation necessary to reduce patch latency over time.
• Possess deep expertise in IT server and network administration, including on-premises infrastructure and AWS cloud-based solutions.
• Apply this breadth of knowledge to ensure consistent vulnerability management standards and patching practices are maintained across all environment types.
• Drive innovation and operational excellence for the IT Operational Security team's vulnerability management initiatives by combining technical depth with broad domain knowledge across on-premises and cloud environments.
• Proven ability to lead consistent cross-training efforts, mentor team members, and empower advanced learning to increase team resiliency and adaptability.
• Excellent communication and mentorship skills, with a history of taking ownership of team success and driving technical excellence.

Benefits

• A hybrid work environment, up to 2 days per week of remote work
• Tuition Reimbursement to support your continued education
• Student Loan Repayment Assistance
• Technology Stipend allowing you to use the device of your choice to connect to our network while working remotely
• Generous PTO and Parental leave
• 401k Employer Match
• Competitive health benefits including medical, dental and vision