Patching & Compliance Engineer – BMC TrueSight
SC clearance: Must
Role Overview
The Patching and Compliance Engineer is responsible for end-to-end patch lifecycle management, compliance reporting, and system health monitoring across Linux and Windows environments using BMC TrueSight. The role ensures that enterprise systems remain secure, compliant, and up to date with industry and organizational standards.
Key Responsibilities
Patching & Vulnerability Remediation
* Manage and execute OS patching activities for Linux and Windows servers through BMC TrueSight.
* Coordinate monthly/quarterly patch cycles, including scheduling, deployment, validation, and rollback (if needed).
* Review and remediate vulnerabilities identified by security tools (e.g., Qualys, Tenable, Defender for Endpoint).
* Troubleshoot patch failures and perform root‑cause analysis.
Compliance & Configuration Management
* Implement and enforce compliance baselines for OS security standards (CIS, STIG, internal benchmarks).
* Generate and analyze compliance dashboards, posture assessments, and remediation reports through BMC TrueSight.
* Ensure all servers adhere to baseline configuration, patch SLAs, and audit requirements.
* Support internal and external audits (ISO 27001, PCI‑DSS, SOC 2).
Monitoring & Automation
* Utilize BMC TrueSight for system health monitoring, remediation workflows, and policy enforcement.
* Develop and maintain scripts (PowerShell, Bash, Python preferred) to automate patching and compliance operations.
* Optimize patching processes and implement zero‑downtime or rolling update strategies where applicable.
Operations & Collaboration
* Work closely with Infrastructure, Security, Application, and Change Management teams.
* Maintain accurate asset inventory, patch calendars, and operational documentation.
* Participate in change management, go/no‑go decisions, and incident resolution.
* Provide L2/L3 operational support during patch windows and major compliance remediation activities.
Required Skills & Experience
* 5–8+ years of experience in patching, compliance, or OS administration roles.
* Strong hands‑on experience with BMC TrueSight Server Automation (BSA/TSSA).
* Strong experience patching Linux (RHEL, CentOS, Ubuntu) and Windows Server platforms.