Vulnerability and Patch Management Specialist

Company Description

Come join us and make a difference in the world!

We’re NEC Software Solutions (part of global tech giant NEC Corporation). While you read this ad, our software is helping to dispatch ambulances, support families, keep trains on the move, locate missing people and even test the hearing of newborn babies.

Working with us, you’ll be helping our 3,000+ employees push the boundaries of what’s possible and support amazing public services.

We work with governments, hospitals, police forces, housing providers, local authorities and more. We help them pay financial support faster, speed up treatments for patients and respond to emergencies in the right way. The more we do, the more our customers can do for others. And together, we make a world of difference.

We’d love your help. And we’ll support you all the way.

Discover more at www.necsws.com

Job Description

The Vulnerability and Patch Management Specialist is responsible for overseeing and managing the patch management process within NECSWS. This role entails ensuring that all software and systems are up-to-date with the latest patches and updates, minimizing security vulnerabilities, and maintaining optimal system performance. The Vulnerability and Patch Management Specialist will lead and manage a team of like minded engineers to meet the challenges of the business. The role also requires collaboratation with various teams to develop and implement effective patch management strategies and ensures compliance with industry standards and best practices.

The Vulnerability and Patch Management Specialist will report to the Technology Operations Director.  

Key Responsibilities: 

Patch Management Strategy: 

• Develop and maintain a comprehensive patch management strategy for the IT estate, considering security, operational, and business requirements. 

• Work with colleagues in Cyber Security to define guidelines, policies, and procedures for patch management activities and ensure adherence across the organisation. 

Patch Deployment and Testing: 

• Coordinate the deployment of patches, updates, and security fixes across all systems, applications, and infrastructure. 

• Establish a standardised testing process to verify the compatibility and stability of patches before deployment to production environments. 

• Work closely with development, infrastructure, and security teams to schedule and implement patching activities with minimal impact on business operations. 

Vulnerability Assessment and Risk Analysis: 

• Conduct regular vulnerability assessments to identify potential security risks and prioritize patching based on criticality and impact. 

• Collaborate with the security team to evaluate the risk associated with unpatched vulnerabilities and recommend appropriate mitigation strategies. 

Compliance and Reporting: 

• Stay updated with industry regulations, standards, and best practices related to patch management. 

• Generate reports and metrics on patch compliance, vulnerability remediation progress, and system performance to provide insights to management and stakeholders. 

Incident Response and Troubleshooting: 

• Provide support during incident response efforts related to vulnerabilities or issues arising from patching activities. 

• Investigate and troubleshoot patch-related problems, collaborating with relevant teams to identify root causes and implement corrective actions. 

Stakeholder Management: 

• Work within the change management and service management processes within NEC SWS for all patch management coordination and execution 

• Support the production of change risk assessments by the engineering teams performing patch management and be able to present the changes to Change Advisory Boards, both internal and external. 

Qualifications

• Previous experience in team and people management.
• Proven experience in IT patch management, vulnerability management, or a similar role.
• Strong knowledge of software patching methodologies, tools, and industry best practices.
• Familiarity with vulnerability assessment tools and techniques. 
• Experience with patch management automation systems and deployment methodologies. 
• Solid understanding of network and system architecture, security principles, and common security vulnerabilities. 
• Strong analytical and problem-solving skills. 
• Excellent communication and collaboration skills to work effectively with cross-functional teams. 

Additional Information

We pride ourselves in offering an excellent benefits package, including an above average pension scheme. When you join the team at NEC Software Solutions, you are provided with the following:

• Private Medical Cover funded by NEC for Employees (with the option to add family members at an additional cost) 
• 25 days paid holiday with the option to buy/sell 
• 4 x basic salary life assurance cover funded by NEC (with the option to increase cover at an additional cost)
• A Group Pension Plan with fantastic employer contributions up to a maximum of 8.5%
• A selection of flexible benefits to suit your individual needs
• All colleagues get free access to LinkedIn Learning. Over 15000 courses covering a huge breadth of subjects. Learn about what you like, when you like, how you like. 

OTHER INFORMATION

Candidates must be able to demonstrate a pre-existing right to work and travel within the EU. Documentary evidence will be required.

All offers are subject to satisfactory vetting and reference checks. Depending on the nature of the role a Disclosure Barring Service (DBS) check may also be required.

NEC is an equal opportunities employer, welcoming applications from all communities.