Baltimore Enterprise Solutions is seeking a remote Vulnerability and Patch Management Analyst to join an innovative and high-performing company.

QUALIFICATIONS OF THE VULNERABILITY AND PATCH MANAGEMENT ANALYST:

• 3+ years of experience in information security, with a significant focus on vulnerability management and/or patch management.
• Strong understanding of patch management tools and methodologies common vulnerability scanning tools (e.g., SCCM, WSUS, InTune).
• Experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7).
• Solid understanding of common operating systems (Windows, Linux), networking concepts, and cloud platforms (AWS, Azure, GCP).
• Bachelor’s degree in Computer Science, Information Security, Information Technology, or a related field; or equivalent practical experience.

• Design, develop, implement, and continuously improve vulnerability and patch management processes, procedures, and workflows from discovery to remediation and verification.
• Establish clear ownership and accountability for vulnerability remediation across different IT teams (e.g., Infrastructure, Applications, Security).
• Develop and implement a comprehensive patch management strategy, including a patching schedule, testing procedures, and rollback plans.
• Define and track key performance indicators (KPIs) and metrics for the vulnerability and patch management programs.
• Analyze scan results, identify false positives, prioritize vulnerabilities based on risk (CVSS score, exploitability, business impact), and communicate findings to relevant stakeholders.