Job Description

The Patch Management Specialist, Senior oversees enterprise patch management strategy and execution for desktops, laptops, and remote endpoints in a highly regulated, defense-focused environment. This role defines patch governance, schedules, and standards, aligning remediation activities with security policies, regulatory requirements, and mission needs while minimizing impact to critical services. The specialist leads coordination with security, infrastructure, and end-user support teams, driving automation, audit readiness, and continuous improvement of patching processes and toolsets.

Key Responsibilities

• Define and govern enterprise patch management strategy, standards, and schedules, aligning patch priorities with vulnerability risk, business impact, and compliance requirements.
• Architect and optimize large-scale patching solutions using tools such as WSUS, SCCM, or equivalent platforms, including deployment rings, maintenance windows, and detailed compliance reporting.
• Lead response to critical and zero-day vulnerabilities by coordinating rapid assessment, pilot deployments, risk-based prioritization, and accelerated patch rollouts across heterogeneous environments.
• Establish and manage patch exception and mitigation processes, including documenting risk acceptances, defining compensating controls, and reporting noncompliance to leadership.
• Partner with vulnerability management, security operations, and network/server teams to integrate scan results, threat intelligence, and asset criticality into patch planning and execution.
• Design and oversee automation, scripting, and configuration baselines that reduce manual effort, increase patch success rates, and improve consistency across diverse platforms.
• Develop and publish executive-level metrics and dashboards on patch compliance, remediation timelines, and risk reduction, using them to drive accountability with system owners.

Required Qualifications

• Bachelor’s degree in IT, Computer Science, or a related field, or equivalent relevant experience.
• Typically 8+ years of experience in patch management, infrastructure operations, or security engineering with progressive ownership of enterprise-wide patching responsibilities.
• Deep understanding of patch management principles and experience with tools such as Microsoft WSUS and SCCM or equivalent enterprise platforms.
• Strong problem-solving, analytical, communication, and interpersonal skills, with the ability to manage multiple concurrent initiatives.
• Experience supporting audits, assessments, and automated patch management solutions in highly regulated environments.
• Ability to obtain and maintain a Secret clearance; U.S. citizenship required.

Preferred Qualifications

• Familiarity with DoD or similar federal IT environments and their security/compliance expectations.
• Relevant certifications such as CISSP, CPMP, or similar security/governance credentials.
• Experience integrating patch and vulnerability management into broader cybersecurity and IT governance frameworks.

Qualifications

Compensation Ranges

Compensation ranges for ASM Research positions vary depending on multiple factors; including but not limited to, location, skill set, level of education, certifications, client requirements, contract-specific affordability, government clearance and investigation level, and years of experience. The compensation displayed for this role is a general guideline based on these factors and is unique to each role. Monetary compensation is one component of ASM's overall compensation and benefits package for employees.

EEO Requirements

It is the policy of ASM that an individual's race, color, religion, sex, disability, age, sexual orientation or national origin are not and will not be considered in any personnel or management decisions. We affirm our commitment to these fundamental policies.

All recruiting, hiring, training, and promoting for all job classifications is done without regard to race, color, religion, sex, disability, or age. All decisions on employment are made to abide by the principle of equal employment.

Physical Requirements

The physical requirements described in "Knowledge, Skills and Abilities" above are representative of those which must be met by an employee to successfully perform the primary functions of this job. (For example, "light office duties' or "lifting up to 50 pounds" or "some travel" required.) Reasonable accommodations may be made to enable individuals with qualifying disabilities, who are otherwise qualified, to perform the primary functions.

Disclaimer

The preceding job description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.