Vulnerability & Patch Assurance Manager

Morgan McKinley - Hong Kong - Full time

Salary: Competitive

Role Overview

Our client is launching a Patching Center of Excellence to standardize patch governance, reduce risk, and improve operational resilience. This hands-on manager role analyses vendor patches and vulnerabilities, validates packages, coordinates testing, runs post-patching scans, and produces risk and compliance reports. Ideal for a junior manager with strong technical skills and a passion for operational security.

Main Responsibilities
  • Monitor vendor advisories (Microsoft, Red Hat, Apple, Adobe, Cisco, VMware, others)
  • Analyse vulnerabilities using Common Vulnerabilities and Exposures, Common Vulnerability Scoring System, Exploit Prediction Scoring System, Known Exploited Vulnerabilities, exploit maturity, and asset exposure
  • Prioritize patches based on exploit status, internet exposure, critical assets, and business impact
  • Validate patch content, prerequisites, supersedence, and rollback options
  • Coordinate and document User Acceptance Testing and Pilot testing
  • Support maintenance windows, change records, and communications
  • Perform and verify post-patching scans (Qualys, Tenable, Rapid7, Defender for Endpoint)
  • Investigate residual issues, misconfigurations, and failed deployments
  • Contribute to Standard Operating Procedures and patching standards

Required Skills and Experience
  • 6-10 years in Information Security, Endpoint Engineering, or Vulnerability Management
  • Hands-on experience with patching tools in at least one platform:
    • Windows: Windows Server Update Services, System Center Configuration Manager, Microsoft Endpoint Configuration Manager, Intune, Defender for Endpoint
    • Linux: Red Hat Satellite, YUM, DNF, APT, Ansible
    • macOS: Jamf Pro or native update tools
    • Others: Ivanti, Tanium
  • Proficient in vulnerability scanners (Qualys, Tenable, Rapid7, Nessus)
  • Strong knowledge of Common Vulnerabilities and Exposures, Common Vulnerability Scoring System, Exploit Prediction Scoring System, Known Exploited Vulnerabilities, and compensating controls
  • Familiar with Information Technology Infrastructure Library change management and rollback planning
  • Excellent documentation, Microsoft Excel, Power Business Intelligence reporting, and communication skills
  • Preferred certificates:
    • CompTIA Security Plus
    • Microsoft Azure Security Engineer
    • Red Hat Certified System Administrator
    • Information Technology Infrastructure Library Foundation
    • Certified Information Systems Security Professional (associate level)

