QUALIFICATIONS

• Tertiary qualification in Information Systems or related field, or equivalent industry experience.
• Minimum 3 years’ experience supporting Windows platforms in large enterprise environments (1,000+ systems).
• Preferably experience with MacBooks in a similar context to Windows 10/11 systems
• Proficiency with SCCM, WSUS, automated software delivery, and patch management processes.
• Strong scripting skills, including PowerShell, VBScript, SQL Reporting Services, TSQL, and WQL.
• Proficiency with Group Policy configuration, deployment and troubleshooting
• Experience with Windows File Servers, IIS, DHCP, DNS, and PCI remediation practices.
• Solid understanding of security best practices, data communication, and network/software configuration.
• Proven ability to manage vulnerability and compliance reporting with accuracy.
• Excellent interpersonal, communication, and leadership skills with ability to collaborate effectively.
• Strong customer service orientation, resilience under pressure, and capacity to meet tight deadlines.
• Industry certifications are a plus.
• Professional, confident, self-motivated, with high integrity and a sense of urgency

ABOUT THE ROLE

As a key member of the Workplace Technology and Enablement team, the Engineer will lead the development, management, and implementation of patch management strategies for Windows and third-party applications across our enterprise environment. Leveraging automation and deployment tools, you will ensure the security, compliance, and health of client devices while driving continuous improvement in patching processes.
You will also own CIS compliance baseline enforcement, assessment, reporting, remediation, and exemption management, alongside vulnerability management including monthly patching, monitoring, and client health oversight.

KEY RESPONSIBILITIES

• Manage end-to-end patch and vulnerability lifecycle for Windows desktops, laptops, and cloud-managed devices, ensuring timely monthly patching and remediation.
• Oversee CIS compliance activities including enforcement, assessment, reporting, remediation, and exemptions.
• Conduct vulnerability management for third-party applications, supporting ongoing software/app patching and client health monitoring.
• Utilize SCCM and WSUS for patch deployment and administration, maintaining robust security standards.
• Generate and maintain detailed vulnerability and compliance reports, including PCI and auditing reports.
• Troubleshoot and resolve patch installation issues across Windows OS and third-party applications.
• Lead patch testing, deployment, and related process improvements to ensure operational excellence.
• Support strategic projects and service initiatives, collaborating cross-functionally to meet organizational goals.
• Provide expert technical guidance and mentorship within the team, fostering a culture of knowledge sharing.
• Drive research and proof-of-concept activities for emerging technologies in patch management and security.
• Ensure adherence to industry standards (e.g., PCI, GISO) and organizational policies related to security and compliance.
• Deliver on-call support and resolution of workplace and device service issues as required.