Patching Engineer
Job Purpose
The Patching Engineer is responsible for maintaining the security and health of the Trust's IT infrastructure by managing the deployment, scheduling, and tracking of patches across all clients, servers, and relevant enterprise applications. This includes both physical and virtual environments supporting critical systems across clinical, digital/information, and financial domains.
Key responsibilities include managing the Trust’s enterprise patching solutions, ensuring that systems, servers, storage, and data centre infrastructure are continuously updated and secure. The Patching Engineer will uphold patching standards and processes to safeguard against vulnerabilities, with a focus on system reliability and data protection.
Location: Sutton, London
Job Type: Temporary
Duration of booking: Expected to last 3 months with possible extension
Proposed start date: ASAP
Pay Rates: Up to £33 per hour Umbrella or £28 per hour PAYE inclusive of holiday pay
Hours / Working Days: 37.5 hours per week / Monday to Friday, 9am – 5pm
Sector: Healthcare
Based: Office / Hospital
The role requires the Patching Engineer to:
* Plan, deploy, and monitor patching efforts across IT environments.
* Collaborate with internal teams, external vendors, and IT suppliers to coordinate patching and resolve vulnerabilities promptly.
* Prioritise workload and respond to technical queries from teams within and outside Digital Services, independently seeking out resources when necessary.
* Develop and maintain operational procedures for patch management, ensuring consistency and success.
* Monitor and manage performance of IT/Digital systems and infrastructures, ensuring appropriate capacity and availability while responding to alerts and taking remedial action as necessary.
* Provide technical support and consultation to internal teams and external parties, ensuring that patching processes are understood and followed.
Main Tasks and Responsibilities
Vulnerability Identification & Remediation:
* Collaborate with the cyber security, systems and infrastructure teams, etc to identify vulnerabilities in the IT infrastructure, including servers, PCs, and software.
* Monitor vendor updates and releases for Trust systems and plan remediation activities without undue delays.
* Recommend appropriate remediation measures, plan and execute patch deployments, troubleshoot issues where required, and confirm successful implementation.
* Work with IT suppliers, contractors, and other third parties to ensure vulnerabilities are remediated safely and without undue delays.
* Own the process of resolving issues related to failed or missing patches.
* Patch Management & Deployment:
* Implement and maintain "Best in Class" practices for enterprise patch management and deployment, ensuring that all patches are applied consistently and effectively.
* Maintain and update patching schedules and maintenance windows, communicating these effectively to the relevant stakeholders.
* Develop and automate scripts to streamline manual patching operations, improving efficiency and reducing the risk of human error.
* Identify missing devices, systems, or application and take appropriate steps to onboard them into the Trust patching programme.
Monitoring & Reporting:
* Proactively monitor patching success rates and identify trends or recurring issues that could impact future patch cycles.
* Provide regular reporting on patching status to the cyber security team and other relevant stakeholders, including management and oversight committees as required.
* Ensure that all operational processes are thoroughly documented, kept up to date, and reproducible, adhering to Trust’s policies and standards.
Collaboration & Communication:
* Serve as the main point of contact for all matters related to patch management, effectively communicating processes, procedures, and changes to internal and external teams.
* Work closely with the cyber security team and other IT personnel to ensure that vulnerabilities are identified and remediated in a timely and effective manner.
Infrastructure Support & Maintenance:
* Ensure the high availability, security, and performance of the server and storage infrastructure, supporting existing systems and implementing necessary patches, upgrades, and security modifications.
* Support the delivery of service continuity and disaster recovery plans for the Trust’s systems, ensuring that these plans are regularly tested and updated.
Security Compliance & Best Practices:
* Ensure systems are secure, resilient, and comply with industry standards and Trust policies/procedures, contributing to the overall cybersecurity posture of the hospital.
* Participate in the planning, scheduling, and implementation of IT/digital projects and changes.
Required Skills & Experience
* Proven experience in patching and vulnerability management, and server health maintenance within a large-scale enterprise environment.
* Strong technical skills in IT/Digital infrastructure, systems (including windows, linux, etc), storage, security, virtualisation, and data centre support.
* Ability to work independently and proactively, taking ownership of vulnerability identification and patch management tasks.
* Excellent communication and collaboration skills, with the ability to work effectively within a diverse team and engage with third-party suppliers and contractors.
* Degree in Information Technology/Cyber Security or equivalent experience (minimum 2 years)
* Technical cyber security professional qualification or accreditation
* IT Infrastructure/Systems /Network Technical qualifications
* ITIL
Experience
* Relevant experience in healthcare or other major large-scale customer service-oriented organisation
* Advanced knowledge and experience leading, coordinating, deploying or being actively involved in the patching process
* Broad understanding of the Data Protection
* Regulations, and the NHS Data Security and Protection Toolkit
* Strong experience with operating systems (especially Windows and Linux), network configuration, and scripting
* Strong experience with patch management software, such as:
* PatchMyPC (Applications)
* SCCM (Applications)
* Intune (Workstations & Laptops)
* Ivanti Security Controls (Windows Servers)
* Ivanti Security Controls (Linux Servers)
* Intune (Android / iOS)
* Strong diagnostic and problem-solving skills to manage and troubleshoot patch deployment issues across different IT environments.
* Strong experience with virtual environments like VMware, Hyper-V, or Azure
Skills Abilities / Knowledge
* Excellent communication skills, personable and friendly, able to work productively and unsupervised using own initiative
* Detailed understanding and experience on ISO Layers, VPNs, DNS, DHCP, Encryption, and:
Azure
* Azure Active Directory (EntraID)
* Virtual Desktop Interface (VDI)
* Others
Microsoft Office 365
* Exchange
* Teams
* SharePoint/OneDrive
* AD Connect
* Others
Server & Service Technologies
* Active Directory Domain services and all associated roles and features
* Microsoft Public Key Infrastructure
* Remote Access (RDP, AoVPN, etc)
* Other MS Server roles and features
* Dell Infrastructure and services
* Broadcom Suite (Software)
* Other Operating Systems
* Linux
Unix/IoS
Job reference number: YW-q7wD