Sr. Patching and Vulnerability Management Analyst; Hybrid

Position: Sr. Patching and Vulnerability Management Analyst (Hybrid)
What We Are Looking For

Primary

Purpose:

We are seeking a skilled Sr. Patching and Vulnerability Management Analyst to support enterprise-wide patch management and vulnerability remediation across Windows servers and endpoints. This role operates as part of a collaborative team of SCCM/MECM and security professionals, contributing to the design, optimization, and execution of patching strategies.

The ideal candidate brings strong technical expertise, automation skills, and a proactive approach to improving patch compliance and reducing security risk while working closely with peers, security teams, and infrastructure teams. Experience handling zero-day threats, third-party patching, and risk-based prioritization is essential.

About the role:

This role plays an important part in maintaining the organization's security posture by helping ensure systems are patched, compliant, and protected against emerging threats-working as part of a broader team dedicated to infrastructure reliability and cybersecurity.

What You Will Do

Essential Duties and Responsibilities

SCCM / MECM Engineering & Support

* Support the design, maintenance, and optimization of Microsoft Endpoint Configuration Manager (SCCM/MECM) infrastructure

* Monitor SCCM client health and assist in resolving performance and reliability issues

* Troubleshoot client, deployment, and update-related issues in collaboration with the team

* Contribute to improvements in SCCM architecture, scalability, and performance

Patch Management Operations

* Participate in the end-to-end Windows patch lifecycle (assessment, testing, deployment, validation, and reporting)

* Execute monthly patch cycles (Patch Tuesday), including support for out-of-band and urgent patching activities

* Assist in implementing phased deployment strategies (pilot groups and production rollouts)

* Help ensure patch deployments minimize business disruption

Vulnerability Management

* Support vulnerability assessment and remediation efforts by analyzing vulnerability data (CVE, CVSS scoring)

* Assist in prioritizing remediation activities based on risk and business impact

* Partner with cybersecurity teams to align patching activities with threat intelligence

* Contribute to reducing exposure to critical and high-risk vulnerabilities

Automation & Process Improvement

* Develop and maintain Power Shell scripts to automate routine patching and operational tasks

* Identify opportunities to improve efficiency and reduce manual processes

* Support continuous improvement of patch management procedures and standards

Compliance, Auditing & Reporting

* Help ensure all endpoints are properly inventoried and compliant with patching policies

* Assist with compliance tracking, reporting, and audit support activities

* Perform routine validation checks to ensure adherence to security standards

Incident Support & Troubleshooting

* Provide support for patch-related incidents and endpoint issues

* Troubleshoot failed deployments, update issues, and client health problems

* Participate in after-hours support for patching windows or critical issues as needed

Collaboration & Governance

* Work within established change management processes

* Collaborate with team members, security, and infrastructure teams on patching activities

* Contribute to documentation of processes, procedures, and system configurations

* Share knowledge and best practices within the team

What You Need

Required Qualifications

* Bachelor's degree in Computer Science, Information Systems, Engineering, or related field (or equivalent experience)

* 3-5+ years of experience with Microsoft Endpoint Configuration Manager (SCCM/MECM)

* Experience supporting enterprise Windows patching environments

* Experience handling zero-day and out-of-band patching scenarios

* Strong knowledge of:

* Windows Server and Windows 10/11

* Windows Update processes and troubleshooting

* Proficiency in Power Shell scripting and automation

* Experience with:

* Vulnerability remediation processes

* Risk-based patch prioritization

* CVE / CVSS scoring concepts

* Solid understanding of:

* Active Directory, DNS, DHCP

* Networking fundamentals

* Strong troubleshooting skills across SCCM and Windows update issues

Preferred Qualifications

* Experience with Microsoft Intune / Endpoint Manager (co-management)

* Familiarity with Vulnerability Management tools

* Understanding of hybrid environments (on-premises and cloud)

* Experience with cloud platforms such as Microsoft Azure

* Experience with virtualization platforms:

* VMware

* Hyper-V

* Citrix

* Experience with alternative patching and endpoint management tools (beyond SCCM) is a plus

Why Join Kinder Morgan

Kinder Morgan is a large energy infrastructure company operating in North America. Access to reliable, affordable energy is a critical component for improving lives around the world. We are committed to providing energy transportation and storage services in a safe, efficient, and environmentally responsible manner for the benefit of the people, communities, and businesses we serve.

Kinder…