Job description
ABOUT THE JOB
Join our Information Security team to standardize patch governance, improve risk reduction, and enhance operational resilience. This hands-on role is ideal for a junior manager with strong technical skills and a passion for operational security.
Your Missions
- Track vendor advisories (Microsoft, Red Hat, Apple, Adobe, Cisco, VMware, browser vendors)
- Analyze CVEs, CVSS/EPSS scores, exploit maturity, KEV catalog entries, and asset exposure
- Recommend prioritization for patching based on risk and business impact
- Review patch metadata, supersedence, prerequisites, and rollback strategy
- Coordinate patch validation in UAT/Pilot rings; verify functional and security outcomes
- Document test cases, exceptions, application compatibility notes, and sign-off criteria
- Ensure maintenance window discipline, change records, and communications are tracked
- Run and validate post-patching scans (Qualys, Tenable, Rapid7, Defender for Endpoint)
- Investigate residual vulnerabilities, misconfigurations, failed installs, and drifts
- Contribute to SOPs, standards, and ring & rollback methodologies
ABOUT YOU
- Bachelor’s Degree or equivalent practical experience
- 2–4 years of experience in Information Security, Endpoint Engineering, or Vulnerability Management
- Hands-on experience with patch management technologies:
- Windows: WSUS, SCCM/MECM, Intune, Defender for Endpoint
- Linux: Red Hat Satellite, YUM/DNF/APT, Ansible
- macOS: Jamf Pro, macOS update frameworks
- Endpoint/Server Management: Ivanti, Tanium
- Experience with vulnerability scanning and assessment tools such as Qualys, Tenable, Rapid7, or Nessus
- Strong understanding of vulnerability management concepts including CVEs, CVSS, EPSS, KEV, exploit chains, and compensating controls
- Familiarity with ITIL/change management processes, maintenance windows, and rollback planning
- Strong documentation, reporting, and stakeholder communication skills, including proficiency in Excel and/or Power BI
- Good English communication skills
- Preferred Certifications: candidates with one or more of the following certifications will have an advantage:
- CompTIA Security+
- Azure Security Engineer
- RHCSA
- ITIL Foundation
- Associate CISSP
WHY AMARIS?
- Competitive salary and 13th-month salary
- 14+ annual leaves per year
- Premium healthcare insurance, starting from your probation period
- Project reviews and yearly performance appraisals
- Annual company trips
- Teambuilding activities: Team lunch/dinner, events, and celebrations, sports clubs (football, yoga, badminton, etc.)
- International team with flexible working time
- Tailor-made career path
- Technical workshops and training courses
- Mobility: Opportunities to be on-site abroad in our offices in over 60+ countries
Amaris Consulting is proud to be an equal-opportunity workplace. We are committed to promoting diversity within the workforce and creating an inclusive working environment. For this purpose, we welcome applications from all qualified candidates regardless of gender, sexual orientation, race, ethnicity, beliefs, age, marital status, disability, or other characteristics.
Who are we?
Amaris Consulting is an independent technology consulting firm providing guidance and solutions to businesses. With more than 1000 clients across the globe, we have been rolling out solutions in major projects for over a decade – this is made possible by an international team of 7,600 people spread across 5 continents and more than 60 countries. Our solutions focus on four different Business Lines: Information System & Digital, Telecom, Life Sciences and Engineering. We’re focused on building and nurturing a top talent community where all our team members can achieve their full potential. Amaris is your steppingstone to cross rivers of change, meet challenges and achieve all your projects with success.At Amaris, we strive to provide our candidates with the best possible recruitment experience. We like to get to know our candidates, challenge them, and be able to give them proper feedback as quickly as possible. Here's what our recruitment process looks like:
Brief Call: Our process typically begins with a brief virtual/phone conversation to get to know you! The objective? Learn about you, understand your motivations, and make sure we have the right job for you!
Interviews (the average number of interviews is 3 - the number may vary depending on the level of seniority required for the position). During the interviews, you will meet people from our team: your line manager of course, but also other people related to your future role. We will talk in depth about you, your experience, and skills, but also about the position and what will be expected of you. Of course, you will also get to know Amaris: our culture, our roots, our teams, and your career opportunities!
Case study: Depending on the position, we may ask you to take a test. This could be a role play, a technical assessment, a problem-solving scenario, etc.
As you know, every person is different and so is every role in a company. That is why we have to adapt accordingly, and the process may differ slightly at times. However, please know that we always put ourselves in the candidate's shoes to ensure they have the best possible experience.
We look forward to meeting you!