Vulnerability Mitigation and Patching Specialist bei Southside Bank

Position Title:      

Vulnerability Mitigation and Patching Specialist

Exempt Status:    

Exempt (17E)

Reports to:           

IT Infrastructure Services Manager

Job Summary:     This position is responsible for strengthening Southside Bank’s cybersecurity posture by ensuring timely remediation of identified vulnerabilities across the technology infrastructure. This role will primarily perform and manage security patching for desktops/laptops, assist with and oversee server security patching efforts, and coordinate with other Information Technology team members and Information Security team members to drive consistent, effective, and timely vulnerability mitigation. By centralizing these responsibilities, the position will enhance operational efficiency, reduce risk exposure, and support regulatory compliance efforts critical to safeguarding the Bank.

Essential Functions:

• Execute, coordinate, and track the deployment of security patches and updates.
• Collaborate with other IT team members, Information Security, and third-party vendors to ensure identified vulnerabilities are addressed promptly and effectively.
• Assist in the risk categorization of identified vulnerabilities and the prioritization of mitigation and remediation activities.
• Work with the Information Security team to monitor and report patching and vulnerability mitigation/remediation status.
• Document and report mitigation/remediation activities and status.
• Stay abreast of the latest patch management tools and techniques.
  • Document policies, operating standards and procedures for IT processes identified or specified.
  • Troubleshoots system performance issues, develops, and implements technical solutions related to infrastructure applications, software, and other corporate systems.
  • Ensure issues are tracked and resolved in a timely fashion.
  • Provide support during business and non-business hours.
  • Research, recommend and implement with management approval, upgrades, patches, and program enhancements.
  • Maintains a thorough knowledge of industry concepts, practices, and procedures.
  • Communicates effectively with other members of the department; participates in department meetings, projects, and functions; suggests methods for improvement of departmental procedures
  • Collaborate with Information Security Team and IT Operations Teams to ensure infrastructure technologies are properly configured/hardened, monitored, and maintained/patched.
  • Understands and agrees to abide by the policies and procedures established at Southside Bank.
  • Must comply with all applicable laws and regulations.
  • Performs duties in compliance with applicable laws and regulations, including but not limited to the Bank Secrecy Act (BSA) and related anti-money laundering laws, and in accordance with the Bank’s Information Security Program.
  • Maintains a positive and caring atmosphere for customers and employees consistent with the Southside Bank’s mission and philosophy.
  • Provides enthusiastic, professional, and courteous service to Southside Bank customers and employees.
  • Maintains the security and confidentiality of pertinent information and records.

Additional Functions:

• Participates in special projects as assigned.
• Performs additional duties as assigned or directed.
• Follows change management requests procedures for all changes in production infrastructure.
• Comply with all safety policies, practices, and procedures.  Report all unsafe activities to supervisor and/or Human Resources.

Required Education/Experience:    

• Bachelor’s Degree in Computer or Business-related field or equivalent education or experience.
• Minimum five (5) years experience with patch management tools, SCCM, Intune, Bigfix, or similar products required.
• Minimum three (5) years Microsoft Windows Server, Active Directory, and Windows Desktop experience required.
• Minimum five (5) years Azure and Office 365 experience required.
• Certifications required in disciplines such as Microsoft.

Necessary Skills:   

• Able to manage multiple assignments/projects.
• Strong technical, analytical, and critical thinking skills.
• Self-motivated, dependable, analytical and a problem solver.
• Excellent oral and written communication skills.
• Handles complex problems, maintaining continuity of normal workflow, ensuring compliance with department, company and regulatory standards and regulations, solving new or unfamiliar problems. 
• Communicates problems and unusual situations, orally and/or in a written format, to upper management in a timely manner.
• Operate in a team-oriented infrastructure and maintain effective communication.

Physical Activity/Dexterity: 

• Manual dexterity sufficient to reach/handle items and work with fingers.  Works with fingers and perceives attributes of objects and materials.

Physical Environment Demands: 

• Must be able to remain in a stationary position 90% of the time.
• The person in this position needs to occasionally move about inside the office to visit other offices, conference rooms, office machinery, etc.
• Constantly operates a computer and other office productivity machinery, such as a calculator, copy machine, and telephone.
• Constantly positions self to operate on a computer.
• The person in this position frequently communicates with other people throughout each day.  Must be able to exchange accurate information when conversing.  

Working Conditions/Infrastructure:

• Well-lighted, heated and/or air-conditioned indoor office setting with adequate ventilation.
• Moderate noise (e.g., business office with computers and printers, light traffic).

Work Schedule/Hours: 

• Monday through Friday; 8:00am – 5:00pm.
• After hours, as necessary, for business needs and maintenance change management windows.
• Work, as needed, on weekends and holidays.

Travel:

• Occasional travel between Tyler and Fort Worth data centers.
• Minimal overnight travel (up to 10%) by land and/or air.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)