This is a hybrid role, requiring the successful candidate to attend our Tralee office.
Role Description
The Patch Governance Specialist is responsible overseeing and managing a cross functional Vulnerability and Patch Management program across the Americas Division.
The Patch Governance Specialist will oversee the process for identifying, assessing, and mitigating security vulnerabilities in systems and software, and ensuring timely application of security patches to protect against cyber threats and coordinating with IT and security teams to deploy patches.
The Patch Governance Specialist is also responsible for monitoring and reporting on the technology patch compliance with the defined service level agreement and providing accurate metrics such as Key risk indicators and Key Performance indicators to senior management.
The Patch Governance Specialist is responsible for validating all activities for vulnerability and patching are auditable by diligently working with all technology asset owner across the Americas Division to verify policies, standards, procedures, and controls are in place to meet SMBC's regulatory, operational, audit and reporting requirements.
Role Objectives Vulnerability Assessment: Regularly scan systems and applications for known vulnerabilities using various tools.
Patch Management: Develop and implement strategies for patching and updating software and systems to address identified vulnerabilities Prioritization: Determine the severity and potential impact of vulnerabilities to prioritize remediation efforts.
Remediation: Apply patches, updates, and security configurations to address vulnerabilities.
Incident Response: Assist in investigating and resolving security incidents involving vulnerabilities.
Reporting and Compliance: Generate reports on vulnerabilities, their impact, and the status of remediation efforts, ensuring compliance with relevant standards and regulations.
Communication and Collaboration: Communicate vulnerability findings and remediation recommendations to stakeholders, including technical and non-technical personnel.
Policy Development: Contribute to the development and maintenance of vulnerability management policies, procedures, and playbooks.
System Configuration: Configure systems to meet security best practices and minimize vulnerabilities.
Testing: Support test plan development and perform system configuration testing to ensure patches and updates are deployed correctly.
Threat Intelligence: Stay informed about emerging threats and vulnerabilities to proactively address potential risks.
Qualifications and Skills Vulnerability Management Tools: Experience with tools like vulnerability scanners, patch management systems, and configuration management tools.
(Rapid7, ServiceNow VR, Tanium, etc.)
Operating Systems: Familiarity with various operating systems, such as Windows, Linux, and macOS.
Networking: Understanding of network security principles and protocols.
Security Best Practices: Knowledge of industry-standard security practices and frameworks such as FFIEC, NIST, and COBIT.
Compliance Standards: Awareness of relevant security standards and regulations.
Communication and Collaboration: Strong interpersonal and communication skills to work effectively with various teams.
Data reporting and normalization within ServiceNow including ITAM and CMDB