• The Patch Management Analyst is responsible for monitoring Information Assurance Vulnerability Alert releases (IAVAs) from USCYBERCOMMAND.
• Coordinates and monitors the progress of patches and updates throughout the CENTCOM enterprise.
• Provide guidance when it comes to analyzing and evaluating the patching status of networks and security vulnerabilities on a daily basis.
Roles and Responsibilities:
Includes, but not limited to:
• Assist with ensuring that security policies, standards and procedures are followed.
• Brief government leadership daily on patching status and monthly to show continued/historical progress.
• Assign remediation tasks to applicable branches and track progress through completion.
• Create and track Plans of Action and Milestones (POA&M) and other documentation for approval by the Authorizing Official (AO) as needed.
• Work cross-divisionally with Engineering and Cyber Security regarding testing, validation and documentation of patches and software updates.
• Participate in Command Cyber Readiness Inspection (CCRI) preparation.
• Monitor the implementation/remediation of IAVAs and security patches.
• Provide guidance throughout the organization regarding the patch management process (IAVM/Remediation)
• Review and analyze patching data (primary tools include ACAS and Nessus), determine action items and remediation efforts.
• Coordinate with change management and problem management to evaluate and facilitate changes and or problem execution related to information systems vulnerabilities.
• Recommend and assist with implementation of remediation/mitigation action plans ensuring no/to limited impact to operations.
• Tracking of other Compliance items as required.