What You Will Do:
This role owns patch management execution and outcomes for Managed Services clients while serving as a co-owner/administrator of the MSP technology stack that enables reliable service delivery. The position is responsible for administering and optimizing core MSP platforms (N-Central, Hudu, AutoElevate, and related technologies), maintaining consistent operational standards, and continuously improving patching, reporting, remediation, and tooling workflows through automation-first practices.
Key Responsibilities
1) Patch Management Ownership (Primary)
- - Own the MSP patching program for workstations and servers across client environments, ensuring consistent patch cadence and measurable compliance.
- - Plan, schedule, and execute patch deployments across Windows and Linux systems, including security updates, feature updates, drivers (where applicable), and third-party patching.
- - Maintain and improve patching workflows including:
- * Testing rings / pilot groups
- * Approval policies
- * Maintenance windows
- * Rollback procedures and mitigation plans
- - Validate updates in controlled groups prior to broad deployment to minimize business disruption and reduce patch-related incidents.
- - Monitor patch execution and failure rates, troubleshoot root causes, and drive timely remediation.
- - Collaborate with internal teams (Service Desk, Security, Compliance, CSMs) to align patching schedules, maintenance windows, and client expectations.
- - Maintain accurate documentation for patching standards, schedules, approvals, exceptions, and client-specific patching requirements.
- - Conduct routine audits to confirm patch policies are functioning as intended and remain consistent across all supported clients.
2) MSP Tooling Administration & Optimization (Co-Primary)
- - Administer and optimize core MSP platform tooling to ensure reliable, consistent service delivery across all managed clients.
- - Serve as an owner/administrator for key systems including:
- * N-Central (patching configuration, monitoring policies, device targeting, automation policy support)
- * Hudu (documentation integrity, KB standards, process alignment for service delivery)
- * AutoElevate (privilege workflows, policy alignment, operational support)
- * Additional MSP tools as needed for service delivery
- - Standardize configurations, naming conventions, policies, and operational “known good” baselines across the managed environment.
- - Improve monitoring, alerting, and reporting visibility related to patching, compliance, and endpoint/system health.
- - Ensure documentation and operational processes remain current as tools evolve, and drive continuous improvement in how tooling is used.
3) Vulnerability & Risk Remediation
- - Partner with Security and Compliance to ensure patching practices align with organizational and regulatory expectations.
- - Support vulnerability remediation workflows by prioritizing and applying security patches that reduce risk exposure.
- - Track and report patch-related risk reduction using vulnerability and compliance metrics (e.g., vulnerability scores, critical patch aging, compliance percentages).
- - Provide consistent reporting to IT leadership on patch health, trends, risks, and exceptions, with actionable next steps.
4) Automation & Operational Efficiency
- - Identify repetitive patching, remediation, and tooling administration work that can be automated and implement automation to reduce manual technician effort.
- - Build and maintain automation for common operational needs such as:
- * Pre/post patch checks
- * Failed patch remediation actions
- * Automated reporting and compliance summaries
- * Device targeting, ring assignments, and standard configuration enforcement
- - Develop, test, and maintain scripts and automations (PowerShell/Bash and platform-based workflows) that are reliable, well-documented, and safe for production use.
- - Establish repeatable “known good” processes and guardrails to reduce patch risk and improve consistency across clients.
5) Cross-Functional Collaboration & Client Impact
- - Coordinate patching activities to minimize disruption to business operations during maintenance windows.
- - Work with client stakeholders through internal teams (CSMs/Service Desk) to address patch exceptions, business constraints, and risk-driven priorities.
- - Contribute to continual service improvement by identifying root causes of recurring patch issues and implementing long-term fixes.
What You Have Done:
- Education: Bachelor's degree in Information Technology, Computer Science, or a related field (or equivalent work experience).
- Experience: 3+ years in system administration with a strong emphasis on patching, update management, and automation.
Technical Skills:
- - Operating Systems:
- * Extensive experience with Windows Server (2016, 2019, 2022) and Linux distributions (RHEL, Ubuntu, CentOS, etc.).
- - Patch & Update Management:
- * Proficiency in patch management tools such as WSUS, SCCM, Intune, Ivanti, or equivalent.
- * Experience automating patch deployments and compliance reporting.
- - Scripting & Automation:
- * Strong proficiency in PowerShell and Bash for automating patching workflows, system configurations, and administrative tasks.
- * Experience with Python or other scripting languages for automating security updates and system maintenance.
- * Ability to develop, test, and maintain automation scripts for scheduled tasks and remediation actions.
- * Experience with Infrastructure-as-Code (IaC) tools such as Ansible, Terraform, or Chef is a plus.
- - Cybersecurity & Compliance:
- * In-depth understanding of cybersecurity best practices related to patching, vulnerability management, and risk assessment.
- * Hands-on experience with vulnerability management tools (Tenable, Qualys, Rapid7) and remediation planning.
- - Active Directory & Network Management:
- * Experience with Active Directory, Group Policy, and managing enterprise network configurations.
- * Knowledge of authentication and access controls related to patching and automation.
- - Cloud & Remote Management:
- * Familiarity with cloud-based patching solutions (Azure Update Management, AWS Systems Manager).
- * Experience with Remote Monitoring & Management (RMM) and Professional Services Automation (PSA) platforms.
- - Monitoring & Performance Optimization:
- * Experience with system monitoring tools such as Nagios, SolarWinds, Splunk, or equivalent.
- * Knowledge of event logging and automated incident response strategies.
- - Soft Skills:
- * Strong analytical and problem-solving abilities.
- * Excellent communication and documentation skills, including technical documentation for automation scripts.
- * Ability to work independently and collaborate within a team.
- * Strong attention to detail and organizational skills.
Certifications (Preferred but not required):
- - Microsoft Certified: Windows Server Administration Fundamentals or equivalent.
- - CompTIA Security+ or Microsoft Certified: Security, Compliance, and Identity Fundamentals.
- - ITIL Foundation certification is a plus.