Patch Management and Vulnerability Engineer

Job Summary: The Patch Management and Vulnerability Engineer is responsible for developing, implementing, and maintaining patch management and vulnerability assessment programs within the organization. This role involves identifying, prioritizing, and remediating security vulnerabilities across various systems and networks to minimize the risk of cyber threats and breaches. The engineer collaborates with cross-functional teams to ensure timely patching and effective mitigation of security vulnerabilities.

Key Responsibilities:

Patch Management:

• Develop and maintain patch management policies, procedures, and standards.
• Identify and prioritize patches for deployment based on severity and impact analysis.
• Coordinate with system administrators and IT teams to schedule and deploy patches across the organization's infrastructure.
• Monitor patch deployment status and ensure compliance with patch management policies.

Vulnerability Assessment:

• Perform regular vulnerability scans and assessments across networks, systems, and applications using industry-standard tools.
• Analyze scan results to identify security vulnerabilities, misconfigurations, and weaknesses.
• Prioritize vulnerabilities based on risk assessment and potential impact on the organization.
• Collaborate with system owners and stakeholders to develop and implement remediation plans.

Incident Response and Remediation:

• Assist in incident response activities related to patch management and vulnerability management.
• Investigate security incidents and breaches to identify root causes and recommend corrective actions.
• Work closely with the incident response team to mitigate security risks and prevent future incidents.

Documentation and Reporting:

• Maintain accurate records of patching activities, vulnerability assessments, and remediation efforts.
• Generate regular reports on patch management and vulnerability assessment metrics, trends, and effectiveness.
• Provide recommendations for improving patching processes and enhancing overall security posture.

Security Awareness and Training:

• Contribute to security awareness programs by creating educational materials and conducting training sessions on patch management best practices and security hygiene.
• Collaborate with IT teams to promote a culture of security awareness and proactive risk management.

Qualifications and Skills:

• Bachelor's degree in Computer Science, Information Security, or related field.
• Relevant industry certifications such as CISSP, CISM, CompTIA Security+, or equivalent.
• Strong understanding of patch management principles, vulnerability assessment methodologies, and common security frameworks (e.g., NIST, CIS).
• Experience with patch management tools (e.g., WSUS, SCCM, Ivanti) and vulnerability scanning tools (e.g., Nessus, Qualys, OpenVAS).
• Proficiency in scripting languages (e.g., PowerShell, Python) for automation and customization of patching and scanning processes.
• Excellent analytical and problem-solving skills, with the ability to prioritize and manage multiple tasks in a dynamic environment.
• Effective communication and collaboration skills to work with cross-functional teams and stakeholders.

As a leading payments company in healthcare, we guide, price, explain, and pay for care on behalf of insurers and their members. We’re Zelis in our pursuit to align the interests of payers, providers, and consumers to deliver a better financial experience and more affordable, transparent care for all. We partner with more than 700 payers, including the top-5 national health plans, BCBS insurers, regional health plans, TPAs and self-insured employers, over 4 million providers, and 100 million members, enabling the healthcare industry to pay for care, with care. Zelis brings adaptive technology, a deeply ingrained service culture, and a comprehensive navigation through adjudication and payment platform to manage the complete payment process.

Commitment to Diversity, Equity, Inclusion, and Belonging 
At Zelis, we champion diversity, equity, inclusion, and belonging in all aspects of our operations. We embrace the power of diversity and create an environment where people can bring their authentic and best selves to work. We know that a sense of belonging is key not only to your success at Zelis, but also to your ability to bring your best each day.

Equal Employment Opportunity  
Zelis is proud to be an equal opportunity employer. All applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. 

We encourage members of traditionally underrepresented communities to apply, even if you do not believe you 100% fit the qualifications of the position, including women, LGBTQIA people, people of color, and people with disabilities.  

Accessibility Support 

We are dedicated to ensuring our application process is accessible to all candidates. If you are a qualified individual with a disability or a disabled veteran and require a reasonable accommodation with any part of the application and/or interview process, please email TalentAcquisition@zelis.com   

SCAM ALERT: There is an active nationwide employment scam which is now using Zelis to garner personal information or financial scams. This site is secure, and any applications made here are with our legitimate partner. If you’re contacted by a Zelis Recruiter, please ensure whomever is contacting you truly represents Zelis Healthcare. We will never asked for the exchange of any money or credit card details during the recruitment process. Please be aware of any suspicious email activity from people who could be pretending to be recruiters or senior professionals at Zelis.