Patching &Vulnerability Manager

GENERIC ACCOUNTABILITIES

·         Lead and manage a team responsible for the design, implementation, and execution of vulnerability and patch management processes.

·         Develop and enforce policies, procedures, and frameworks to mitigate risks and ensure the IT environment remains secure.

·         Collaborate with internal teams and stakeholders to align vulnerability management initiatives with business goals.

·         Ensure compliance with relevant regulatory, legal, and industry standards.

• Foster a high-performance culture within the team, promoting skill development and engagement.

ACCOUNTABILITIES

Strategy:

·         Assist in defining and executing the vulnerability and patch management strategy to align with the organization's security and IT objectives.

·         Establish risk-based prioritization frameworks for vulnerabilities and patch deployment, balancing operational needs and security requirements.

• Support the Head of Telecoms, Vulnerability, and Patch Management in aligning team objectives with the overall IT strategy.

Technology:

·         Oversee the implementation, operation, and optimization of vulnerability assessment tools and patch management platforms.

·         Identify emerging vulnerabilities and work closely with stakeholders to ensure timely mitigation.

·         Evaluate and adopt technologies to improve automation and efficiency in vulnerability and patch management processes.

·         Ensure the secure and consistent deployment of patches across operating systems, applications, and network devices.

Analysis and tracking:

·         Perform regular vulnerability scans and ensure identified risks are addressed within established SLAs.

·         Maintain and regularly update documentation of vulnerabilities, patches, and mitigation strategies.

·         Track and report on patch compliance and vulnerability remediation to management, highlighting trends, risks, and achievements.

·         Conduct root cause analyses to address recurring security gaps and improve processes.

Financial and Budgetary control:

• Contribute to the budgeting process for tools, platforms, and resources related to vulnerability and patch management.
• Manage team resources efficiently to ensure cost-effectiveness without compromising quality.
• Evaluate vendor performance and cost-effectiveness of tools used for vulnerability and patch management..

Technical Operations:

·         Plan, schedule, and execute vulnerability scans, ensuring risks are prioritized and addressed.

·         Coordinate and oversee the deployment of patches in alignment with operational needs to minimize disruptions.

·         Manage exceptions for vulnerabilities that cannot be patched immediately, implementing compensating controls as necessary.

·         Collaborate with IT and Security teams to ensure all systems are aligned with security and compliance requirements.

• Monitor the environment for potential threats and vulnerabilities, ensuring proactive and rapid response.

  Knowledge:

   

  ·         Bachelor’s degree in Information Technology, Cybersecurity, or a related field.

  ·         Certifications such as CISSP, CISM, CompTIA Security+, or CEH are highly desirable.

  Experience

  ·         7+ years of experience in vulnerability management, patch management, or IT security operations.

  ·         Strong hands-on experience with vulnerability assessment tools (e.g., Nessus, Qualys) and patch management platforms.

  Proven leadership experience in managing technical teams.