Security Compliance Architect Workstation Patching and Remediation

  • Posted 18 hours ago | Updated 5 hours ago

Overview

Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 6+ month(s)

Skills

SCCM

Job Details

Please check the job description as below and let me know you if you would be interested and available. Please let me know your available time for a quick call.

Job Title: Security Compliance Architect Workstation Patching and Remediation

Location: Remote

Employment Type: Contract (12+ months, with potential for extension)

About the Opportunity

We are a premier technology consultancy supporting one of the world's most respected Fortune 50 enterprise technology organizations. As part of a high-visibility security compliance initiative, we are seeking an experienced Security Compliance Architect to lead a strategic patch management and vulnerability remediation program.

This is a long-term engagement suited for a senior leader with deep experience in endpoint patching strategy, tooling governance, automation, and stakeholder engagement across large, complex enterprise environments. Experience at Big 4 consulting firms, global audit/tax organizations, or comparable large enterprises is highly valued.

This is a remote role with limited travel, which may be requested but is not required.

Role Summary

As the Security Compliance Architect Workstation Patching and Remediation, you will lead the strategic and operational transformation of endpoint patch compliance for over 200,000+ Windows and Linux workstations. You will provide oversight of a dedicated patch compliance engineering team (~5 people) and serve as the Product Owner for enterprise patch tooling, including platforms such as SCCM, Intune, and Windows Autopatch.

You will approve large-scale patch deployments, drive cross-functional coordination, continuously optimize compliance processes, and provide executive-level reporting. The role also includes managing tooling vendor relationships and acting as a key liaison with stakeholder teams including Cybersecurity, Vulnerability Management, Global IT, Intune-Autopilot, SCCM-OSD, and others.

Key Responsibilities

  • Provide strategic oversight of the Patch Compliance Engineering team, including task prioritization, technical direction, and remediation governance
  • Serve as Product Owner for patching toolsets and lead coordination with internal teams and external vendors
  • Approve and oversee large-scale patching jobs across global endpoint fleets, ensuring operational readiness and alignment with risk priorities
  • Develop and implement continuous improvement strategies to streamline tooling, reporting, and remediation processes
  • Manage vendor relationships for patch tooling and remediation platforms
  • Act as a liaison to key teams including Cybersecurity, VMS, Global Infrastructure, SCCM-OSD, LPN, and Intune-Autopilot
  • Drive regular executive reporting on compliance status, risk posture, and roadmap initiatives

Patch Engineering Team Focus Areas (Under Your Leadership)

1. Proactive Remediation

  • Auto-update enablement for third-party and end-of-life software
  • Attack surface reduction strategies
  • Implementation of controls to block known bad software from reintroduction

2. Advanced Reporting & Analysis

  • Patch applicability and gap analysis using Qualys
  • Trend tracking and compliance history
  • Coordination with CXO/Contact Center teams to identify reimage candidates

3. Active Patching Execution

Mastery of enterprise toolsets to manage patch lifecycle across categories:

Vulnerability Reporting: Qualys (for scanning, prioritization, and remediation insight)

Windows OS Patching: Windows Autopatch, SCCM

Microsoft Office Patching: Cloud Update, SCCM

Third-Party Application Patching:

  • PatchMyPC, Qualys VMDR, SCCM, Nexthink
  • Build and configure baseline patch packages, pre-/post-patch scripting, and automation workflows
  • Optimize query logic and targeting in tooling to reduce deployment failures and improve accuracy

Required Qualifications

  • 10+ years of experience in endpoint security, vulnerability remediation, or IT compliance in large-scale enterprise environments
  • Strong expertise with SCCM, Microsoft Intune, Windows Autopatch, and third-party patching tools such as PatchMyPC, Nexthink, and Qualys VMDR
  • Proven ability to lead or oversee patch engineering teams, including performance coaching and remediation governance
  • Advanced scripting skills (e.g., PowerShell, Python) and automation best practices
  • Hands-on experience with vulnerability platforms such as Qualys for prioritization and reporting
  • Excellent communication and reporting skills with the ability to engage and brief executive leadership
  • Strong track record of process optimization and cross-functional collaboration

Preferred Qualifications

  • Experience at Big 4 firms, global consulting organizations, or large regulated enterprise environments
  • Familiarity with GenAI or automation frameworks for improving patch workflows or security posture
  • Knowledge of GRC frameworks such as NIST, ISO 27001, or CIS Controls
  • Experience with SCCM-to-Intune modernization programs and endpoint lifecycle management
  • Familiarity with enterprise reimaging, OS deployment, and vulnerability management workflows


-------------------------------------------------------
Thanks & Regards.

Isaac Rajiv

Kutir Corporation

Ph:

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.