Overview
The BMC TrueSight Patching and Compliance Engineer is responsible for enterprise-wide operating system patching, vulnerability remediation, and configuration compliance using the BMC TrueSight Server Automation (TSSA) platform. The role ensures Windows and Linux systems remain secure, compliant, and audit-ready by enforcing standardized baselines, automating patch deployments, and maintaining continuous compliance across hybrid infrastructure.
Key Responsibilities
* Administer and operate BMC TrueSight Server Automation (TSSA) for patching and compliance.
* Design, configure, and maintain patch catalogs, smart groups, component templates, and job workflows.
* Manage BSA agents across Windows and Linux environments.
* Perform environment health checks and troubleshooting of TSSA infrastructure.
Patch Management Operations
* Own end-to-end patch lifecycle using BMC TSSA for:
* Windows Server 2016/2019/2022
* Linux (RHEL, CentOS, Ubuntu, SUSE)
* Create and manage Patch Analysis Jobs (PAJ), Patch Deploy Jobs (PDJ), and remediation jobs.
* Test patches in lower environments before production rollout.
* Execute monthly patch cycles and emergency out-of-band patching for critical CVEs.
* Validate patch success and handle failures, reboots, and rollbacks.
Vulnerability Remediation & Risk-Based Patching
* Integrate vulnerability scan outputs (Qualys, Tenable, Rapid7) with TSSA remediation workflows.
* Correlate CVEs to patch catalogs and prioritize remediation based on CVSS and business risk.
* Track vulnerability aging and ensure remediation SLAs are met.
Compliance & Configuration Management
* Build and maintain compliance templates based on CIS Benchmarks, STIGs, NIST, ISO 27001.
* Perform continuous compliance scans using TSSA Compliance Jobs.
* Automate remediation of non-compliant configurations.
* Manage configuration baselines and detect drift across environments.
Automation & Orchestration
* Develop BLCLI scripts and workflows for large-scale patch orchestration.
* Automate patching and compliance reporting.
* Integrate TSSA with ServiceNow for automated change creation and status updates.
#J-18808-Ljbffr