Staff Systems Engineer, Patching and Vul remediation lead

It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.

What you get to do in this role:

The patch and vulnerability management are an ongoing, regular operations process of identifying, assessing, managing, remediating operating systems cyber vulnerabilities. The Patch & Vulnerability Management SME provides technical leadership in overseeing and managing the patch management process to protect Mission Critical Systems and Services to avoid unforeseen disruptions. This role will be primarily responsible for ensuring that all software and systems are up to date with the latest patches and hotfixes, minimizing security vulnerabilities, and maintaining optimal system performance. He/she will lead and manage a team of outsourced engineers to manage the end-to-end patch management activities. The role also requires close collaboration with various teams to develop and implement effective patch management strategies and ensures compliance with industry standards and best practices. The ideal candidate is expected to provide complex patch management program leadership within the enterprise. This position is responsible for overseeing the effective IT operations following company risk management frameworks and ensure alignment with the organization’s rapid growth and increasing regulatory requirements.

Roles and Responsibilities:

• · Provide domain and subject matter expertise in vulnerability, patch management and configuration management
• · Design, develop, review, and maintain a comprehensive patch management strategy and configuration management and practice for the overall IT operations environment, considering security, operational, and business requirements.
• · Conduct regular patch management, vulnerability assessments and configuration management to identify potential security risks and prioritize patching based on criticality, urgency, and
• impact. Such assessment should cover all layers of enterprise infrastructure, endpoints, server hardware, operating systems, and applications.
• · Collaborate with the security team to evaluate the risk associated with unpatched vulnerabilities and recommend appropriate mitigation strategies.
• · Closely collaborate with Security, Infrastructure service owners and other teams to review guidelines, policies, and procedures for patch management activities and ensure adherence across the organization.
• · Review and coordinate the deployment of patches, updates, and security fixes across all systems, applications, and infrastructure.
• · Establish and/or enhance a standardized thorough testing process to verify the compatibility and stability of patches before deployment to production environments.
• · Work closely with infrastructure, application, security, and BU IT teams to schedule and implement patching activities with minimal impact on business operations.
• · Prepare detailed reports, metrics, and insights on patch compliance, analyse vulnerability remediation progress, and system performance to management and stakeholders. Regularly communicate the progress of patch management initiatives to senior leadership.
• · Analyze threats, vulnerability feeds, patch management gaps and propose continuous improvement   remediation plans.
• · Demonstrating system health and patching / vulnerability remediation compliance status based on predefined standards and routine maintenance of patch management.
• · Provide support during incident response efforts related to vulnerabilities or issues arising from patching activities.
• · Investigate and troubleshoot patch-related problems, collaborating with relevant teams to identify root causes and implement corrective actions.
• · Work within the change management and service management processes within Technology teams for all patch management coordination and execution.
• · Support the production of change risk assessments planned by Technology teams performing patch management and be able to present the changes to Change Advisory Boards, both internal and external.
• · Support technical evaluation and evidence for security assessments and audits.
• · Staying updated on new developments, emerging threats and vulnerabilities in cybersecurity standards, best practices and technologies related to patch management.

• Provide technical expertise for ServiceNow modules, including ITSM, ITOM, and ITBM

  
  

• Lead the Service Desk team in resolving technical issues and ensuring seamless User experience

  
  

• Develop and maintain technical documentation for ITSM,ITOM &ITAM and related processes

  
  

• Collaborate with the Global Tech Lounge team to ensure seamless User experience and manage day to day operations.

  
  

• Work with a global team to ensure 24/7 support and coverage for all essential functions like MIM & Command centre

  
  

• Track and report on SLAs (Service Level Agreements) to ensure high levels of service quality

  
  

• Develop and maintain reports, dashboards, and KPIs to measure adoption and usage

  
  

• Stay up-to-date with ServiceNow releases, features, and best practices.

  
  

• Drive user adoption and feedback to continuously improve the ServiceNow experience and deliver Now On Now experiences

  
  

To be successful in this role you have:

· Bachelor’s degree and/or advanced diploma in IT related or relevant field.

· At least 10 years of experience in Information Technology Operations, Engineering and/or IT Security function.

· 8 or more years of proven experience in IT patch management, vulnerability remediation, patch deployment experience, or a similar role.

· Proven track record in developing and implementing a vulnerability and patch management program utilizing a Vulnerability and Patch Management Framework such as Intune, SCCM, Tenable, Wiz or other.

· Demonstrated knowledge in systems vulnerability management and system hardening to mitigate Common Vulnerability and Exposures (CVE).

· Strong knowledge of software patching methodologies and deployment tools such as SCCM, Intune, Jamf is preferred.

· In depth knowledge of Salt, Ansible and puppet is preferred.

· Solid experience in managing patch management for enterprise-wide Operating Systems such as Microsoft, Linux, Clustering, AS400, Endpoint Protection software & tools.

· Familiarity with vulnerability assessment tools (Qualys, Nessus, etc.) and techniques is a plus.

· Experience with patch management automation systems and deployment methodologies.

· Solid understanding of legacy and modern IT Infrastructure architectures & related technologies, network/web related protocols, security principles, and common security vulnerabilities.

· Excellent communication and collaboration skills to work effectively with cross-functional teams and manage stakeholder engagement.

· Must understand cloud computing and SAAS services from patch management aspect.

· Solid experience in project management and execution in IT Infrastructure / Operations.

· Sound knowledge in ITIL, IT operations, project methodology and tools.

· Self-driven & motivated, tenacious problem solver will own issues until full resolution.

· Ability to carry out tasks to a high standard with a strong eye for attention to detail and thorough approach to their work.

· Demonstrate strong analytical and problem-solving skills, excellent judgement, and possess a passion for continuous learning.

· Experience managing and working with MSP, minimum of 3 years of experience managing diverse technical teams

JV20

Not sure if you meet every qualification? We still encourage you to apply! We value inclusivity, welcoming candidates from diverse backgrounds, including non-traditional paths. Unique experiences enrich our team, and the willingness to dream big makes you an exceptional candidate!

Work Personas

We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work. Learn more here.

Equal Opportunity Employer

ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. 

Accommodations

We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance. 

Export Control Regulations

For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. 

From Fortune. ©2024 Fortune Media IP Limited. All rights reserved. Used under license.